OPC UA server integrates right on CPU of PLC S7-1500|Miscellaneous|Forum|OPC Foundation

Avatar
sp_LogInOut Log In
sp_Search Search
Advanced Search
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Search Search
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
OPC UA server integrates right on CPU of PLC S7-1500
Avatar
Nick Jonson
New Member
Members
Forum Posts: 1
Member Since:
07/16/2019
sp_UserOfflineSmall Offline
1
07/16/2019 - 19:38
sp_Permalink sp_Print

Should I use it? Because I find it quite convenient to allow SCADA to access easily without internet connection through any middleware.

Avatar
Randy Armstrong
Admin
Forum Posts: 1457
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
07/17/2019 - 13:15
sp_Permalink sp_Print

Any server that is accessible directly from the internet is at risk of being a target for a DoS attack done by flooding a server with connect requests. These attacks are hard to prevent because they often emulate valid users. You need to assess the potential impact on your applications. Most people choose to use a gateway because gateways running on server OSes are more able to to handle DoS attacks.

Before making an S7-1500 available via the internet you also need to disable all obsolete security policies and ensure your trust lists are set up properly. You also need procedures in place to handle a revocation of rights for a previously authorized client in a case the certificate is compromised (i.e. a laptop is stolen).

In short, while it is possible to put a PLC on the internet the resulting security risks will usually make a gateway a better solution.

sp_Feed
Go to top
Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 34
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1354
Posts: 4590