×
Siemens Industry Online Support
Siemens AG
Entry type: Application example Entry ID: 109759758, Entry date: 08/24/2018
(1)
Rate

Setting up an IPsec VPN connection between CP 1543SP-1 and SCALANCE S615

  • Entry
  • Associated product(s)
To ensure secure operation in a digital enterprise, data transmission can be encrypted using Virtual Private Network (VPN) to protect against data espionage and tampering. This application example shows you how you can use the SCALANCE S615 industrial security appliance and the CP 1543SP-1 communication processor to establish a VPN connection.

Industrial security
In the face of digitization and the increasing networking of machinery and equipment, data security must always be taken into account. The use of industrial security solutions precisely tailored to the needs of industry is therefore of fundamental importance – and should be inseparably linked with industrial communication.

This includes the following points:

  • Use of robust products with security features and security services

  • Use of concepts such as "Defense in Depth" and a holistic security concept

VPN as a solution
To ensure secure operation in a digital enterprise, data transmission can be encrypted using Virtual Private Network (VPN) to protect against data espionage and tampering. The communication partners are securely authenticated.

Automation networks, automation systems and industrial communication can be secured with the Industrial Security Appliances SCALANCE SC, the Industrial Routers SCALANCE M or the Security Communication Processors for SIMATIC.

Applicative implementation
This application example shows you how you can use the SCALANCE S615 industrial security appliance and the CP 1543SP-1 communication processor to establish a VPN connection. The Internet Protocol Security (short: IPsec) is used.



Fig. 1

If you use these security modules, you have the following added value:

  • Protection of networks and individual TIA components as part of the "Defense in Depth" security concept.

  • Flexibly configurable security zones can be realized.

  • Controlled and encrypted data traffic between the modules via IPsec.

  • High safety for machines and systems by implementing the cell protection concept.

  • Safe access to SIMATIC ET 200SP.

  • Versatile project planning with TIA Portal, Web Based Management (WBM), Command Line Interface (CLI) and Simple Network Management Protocol (SNMP).

  • Easy integration into existing networks and protection of devices without their own security functions.

Downloads
 Documentation (1,6 MB)

Further Information
Getting Started with Industrial Remote Communication 
All-round protection with Industrial Security 

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.
Rate entry
no rating
Requests and feedback
What do you want to do?
Note: The feedback always relates to the current entry / product. Your message will be forwarded to our technical editors working in the Online Support. In a few days, you will receive a response if your feedback requires one. If we have no further questions, you will not hear from us.