ETHERNET/IP

EtherNet/IP settings

Max. number of pending requests Maximum number of requests without responses in a single EtherNet/IP session. This value has to be between 1 and 512 seconds (default value: 10).
Maximum request duration (seconds) This value is the period after which EtherNet/IP requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10).
Maximum message size (bytes) This value makes it possible to restrict the size allowed for an EtherNet/IP message. It has to be between 24 and 65535 (default value: 65535).

EtherNet/IP command management

Public commands

This list sets out the public EtherNet/IP functions allowed by default on the firewall. The action (Analyze / Block) applied to each command can be modified by clicking in the Action column. The Modify all commands button allows modifying the action (Analyze / Block) applied to all commands.

Other commands allowed

This list makes it possible to allow additional EtherNet/IP commands blocked by default on the firewall. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.

Support

Disable intrusion prevention

When this option is selected, the scan of the EtherNet/IP protocol will be disabled and traffic will be authorized if the filter policy allows it.

Log every EtherNet/IP query

Enables or disables the logging of EtherNet/IP requests.

Automatically detect and inspect the protocol If this protocol has been enabled, it will automatically be used for discovering corresponding packets in filter rules.