ETHERNET/IP (IPS tab)
Settings
| Max no. of pending requests | Maximum number of requests without responses in a single EtherNet/IP session. This value has to be between 1 and 512 seconds (default value: 10). |
| Maximum request duration (in seconds) | This value is the period after which EtherNet/IP requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10). |
| Maximum message size (bytes) | This value makes it possible to restrict the size allowed for an EtherNet/IP message. It has to be between 24 and 65535 (default value: 65535). |
Commands management
Public commands tab
This list sets out the public EtherNet/IP functions allowed by default on the firewall. The action (Allow/Block) applied to each command can be modified by clicking in the Action column. The Modify all commands button makes it possible to change the action (Allow/Block) applied to all commands.
Other commands allowed tab
This list makes it possible to allow additional EtherNet/IP commands that are blocked by default on the firewall. Use the Add and Delete buttons to add entries to this list or remove them from it.
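To show what the settings and command lists above mean at the protocol level, here is an added example (not Stormshield code and not the firewall's implementation) of a per-session checker built on the 24-byte EtherNet/IP encapsulation header. It assumes each message arrives complete, matches replies to requests by the echoed sender context, and uses the standard encapsulation command codes as its public list, which may differ from the firewall's list. `SessionPolicy`, `build` and the sample messages are hypothetical.

```python
import struct

# 24-byte encapsulation header: command, length, session handle, status,
# sender context (echoed in the reply), options. All fields little-endian.
HEADER = struct.Struct("<HHII8sI")
PUBLIC = {0x0000: "NOP", 0x0004: "ListServices", 0x0063: "ListIdentity",
          0x0064: "ListInterfaces", 0x0065: "RegisterSession",
          0x0066: "UnRegisterSession", 0x006F: "SendRRData", 0x0070: "SendUnitData"}
NO_REPLY = {0x0000, 0x0066, 0x0070}  # commands with no encapsulation reply

def build(command, context, data=b""):
    """Constructed sample message (session handle, status, options zeroed)."""
    return HEADER.pack(command, len(data), 0, 0, context, 0) + data

class SessionPolicy:
    """Hypothetical per-session checker mirroring the settings on this page."""
    def __init__(self, max_pending=10, max_duration=10, max_size=65535,
                 blocked=(), other_allowed=()):
        self.max_pending, self.max_duration, self.max_size = max_pending, max_duration, max_size
        self.blocked, self.other_allowed = set(blocked), set(other_allowed)
        self.pending = {}  # sender context -> time the request was seen

    def request(self, msg, now):
        # Delete requests that stayed unanswered past the maximum duration.
        self.pending = {c: t for c, t in self.pending.items()
                        if now - t < self.max_duration}
        if len(msg) < HEADER.size:
            return "block: shorter than the 24-byte header"
        if len(msg) > self.max_size:
            return "block: message too large"
        command, _, _, _, context, _ = HEADER.unpack_from(msg)
        allowed = command in PUBLIC or command in self.other_allowed
        if command in self.blocked or not allowed:
            return f"block: command 0x{command:04X}"
        if command not in NO_REPLY:
            if len(self.pending) >= self.max_pending:
                return "block: too many pending requests"
            self.pending[context] = now
        return "allow"

    def response(self, msg):
        # A reply carries the request's sender context; clear that entry.
        self.pending.pop(HEADER.unpack_from(msg)[4], None)
```

The lower bound of 24 on the maximum message size corresponds to the size of this header: a message cannot be shorter than its encapsulation header.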
Support
| Disable intrusion prevention | When this option is selected, the scan of the EtherNet/IP protocol will be disabled and traffic will be authorized if the filter policy allows it. |
| Log each request | Enables or disables the logging of EtherNet/IP requests. |
| Automatically detect and inspect the protocol | If the protocol is enabled, this option applies application-level inspection to corresponding traffic that does not use the default port, provided it is detected and authorized by a filter rule with an IPS or IDS inspection level. If this option is not selected, protocol analysis is limited to the transport layer (TCP/UDP). |