×
Siemens Industry Online Support
Siemens AG
Entry type: Application example Entry ID: 98210507, Entry date: 03/24/2015
(3)
Rate

User administration for SCALANCE devices with RADIUS protocol

  • Entry
  • Associated product(s)
Modern automation infrastructures are becoming increasingly complex. The individual stations and components are increasingly networked and develop continuously. The more complex the networks become, the more central maintainability gains on importance.

The issue of security also gains more importance in this context. Nevertheless, each network component is an access point to the corporate network and thus also to the values of a corporation.
A default password to the known "admin" user is relatively easy to determine. By taking over a network node, one can quickly hijack the whole network.
Therefore, the corresponding protection mechanisms have to be implemented at the network level. This includes, in particular, a central user management feature that provides improved security by avoiding standard logins/passwords. This also provides increased comfort, as each user requires only one password to his individual account rather than multiple different passwords for different devices.

Solution
This Application Example shows you how to accomplish central user administration for the network components. The server role "Network Policy Service (NPS)" is purposely installed and configured on a domain server or a dedicated RADIUS server. RADIUS is set as the login method on the SIMATIC NET components used.


Figure 01

This solution has the following advantages:

  • Increased security by avoiding standard logins/passwords
  • Centralized user administration
  • Comfort: Each user needs only one password to his personal account instead of multiple different passwords for different devices.
  • Expandability

Validity

  • Windows Server operating systems with installed MS Network Policy Server (MS NPS)
  • SCALANCE X switches, series 300, 400 and 500
  • SCALANCE S security module, starting from Firmware V4.0
 

Documentation

  User administration for SCALANCE devices with RADIUS protocol (1,6 MB)

Further information

SIMATIC Process Control System PCS 7 Compendium Part F - Industrial Security (V8.0)
All-round protection with Industrial Security

Last Changes
Error correction