IEC 60870-5-104 (IEC 104)

Settings

Maximum number of pending requests Maximum number of requests without responses in a single session. This value has to be between 1 and 32768 seconds (default value: 12).
Maximum request duration (seconds) This value is the period after which requests without responses will be deleted. This value has to be between 1 and 255 seconds (default value: 10).
Maximum message size (bytes) This value makes it possible to restrict the size allowed for a message. It has to be between 12 and 255 (default value: 255).

Redundancy

The IEC 104 protocol adds the concept of redundancy: a client host sets up a certain number of connections with its server, with only one of these connections active at any given time. This set of connections is called a "redundancy group". Whenever the active connection is disrupted, one of the established connections will immediately take over.

Maximum number of redundancy groups This is the maximum number of redundancy groups allowed per server.
Maximum number of redundant connections This is the maximum number of connections that can be set up in a redundancy group.

ASDU management

Public IDs

This table shows the predefined ASDUs (Application Service Data Units) on the firewall. ASDUs, represented by their identifiers, are classified byType Id: System information, Settings and Process information.

These public type identifiers are allowed by default (Analyze action). The buttons Block by Type ID set, Analyze by Type ID set and Modify all Type IDs allow modifying the action (Analyze / Block) applied to the selected ASDU set or to all ASDUs listed in the table.

Other authorized Type IDs

This list allows additional identifiers to be added. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.

Support

Disable intrusion prevention

When this option is selected, the scan of the protocol will be disabled and traffic will be authorized if the filter policy allows it.

Log each IEC 60870-5-104 request

Enables or disables the logging of requests.

Automatically detect and inspect the protocol If this protocol has been enabled, it will automatically be used for discovering corresponding packets in filter rules.