IEC 61850 MMS (IPS)
IEC61850 is a communication standard that protection systems on substations use in the electrical energy industry.
Specifically, IEC 61850 is used in communications between intelligent electronic devices located on distribution substations in a power grid. Intelligent electronic devices, also known as IEDs, essentially include microprocessor-based protective relays, measuring devices, programmable logic controllers, and fault and event recorders. With these devices, power grids can be monitored in real time, therefore making the substation “intelligent”.
Manage MMS services
| Block reserved services | When this option is selected, you will block a particular confirmed service - the service labeled Reserved service and associated with ID 79 in the specifications of the IEC61850 protocol. |
"Confirmed services" tab
This table lists the standard confirmed IEC61850 MMS services (services that require a reply) predefined on the firewall, classified by service group: VMD Support, Domain Management, Program Invocation Management, Variable Access, Data Exchange, Semaphore Management, Operator Communication, Event Management, Event Condition, Event Action, Event Enrollment, Journal management, File Management, Scattered Access and Access Control.
Predefined confirmed IEC61850 MMS services are allowed by default (Analyze action) and this action can be modified for each one of them. The buttons Block by service set, Analyze by service set and Modify all services make it possible to edit the action (Analyze / Block) applied to the selected service set or to all services listed in the table.
"Additional confirmed services" tab
This table lists the additional confirmed IEC61850 MMS services (services that require a reply) predefined on the firewall, classified by service group: VMD Support, Program Invocation Management, Unit Control and Event Condition.
Predefined additional IEC61850 MMS services are allowed by default (Analyze action) and this action can be modified for each one of them. The Modify all services button makes it possible to edit the action (Analyze / Block) applied to all services listed in the table.
Support
| Disable intrusion prevention | When this option is selected, the analysis of the IEC 61850 MMS protocol will be disabled and traffic will be allowed if the filter policy allows it. |
| Log every IEC 61850 MMS request | Enables or disables logs that capture IEC 61850 MMS requests. |
| Automatically detect and inspect the protocol | If this protocol is enabled, the inspection function will automatically apply to discover corresponding traffic that filter rules allow. |