User administration for SCALANCE devices with RADIUS protocol
The issue of security also gains more importance in this context. Nevertheless, each network component is an access point to the corporate network and thus also to the values of a corporation.
A default password to the known "admin" user is relatively easy to determine. By taking over a network node, one can quickly hijack the whole network.
Therefore, the corresponding protection mechanisms have to be implemented at the network level. This includes, in particular, a central user management feature that provides improved security by avoiding standard logins/passwords. This also provides increased comfort, as each user requires only one password to his individual account rather than multiple different passwords for different devices.
This Application Example shows you how to accomplish central user administration for the network components. The server role "Network Policy Service (NPS)" is purposely installed and configured on a domain server or a dedicated RADIUS server. RADIUS is set as the login method on the SIMATIC NET components used.
This solution has the following advantages:
- Increased security by avoiding standard logins/passwords
- Centralized user administration
- Comfort: Each user needs only one password to his personal account instead of multiple different passwords for different devices.
- Windows Server operating systems with installed MS Network Policy Server (MS NPS)
- SCALANCE X switches, series 300, 400 and 500
- SCALANCE S security module, starting from Firmware V4.0