MMS/IEC 61850 MMS

MMS tab

Manage MMS services

Block reserved services: When this option is selected, the firewall blocks one specific confirmed service: the service labeled Reserved service, associated with ID 79 in the IEC 61850 protocol specifications.

"Confirmed services" tab

This table lists the standard confirmed MMS services (services that require a reply) predefined on the firewall, classified by service group:

  • VMD Support,
  • Domain Management,
  • Program Invocation Management,
  • Variable Access,
  • Data Exchange,
  • Semaphore Management,
  • Operator Communication,
  • Event Management,
  • Event Condition,
  • Event Action,
  • Event Enrollment,
  • Journal management,
  • File Management,
  • Scattered Access,
  • Access Control.

Predefined confirmed standard MMS services are allowed by default (Analyze action) and this action can be modified for each one of them. The buttons Block by service set, Analyze by service set and Modify all services make it possible to edit the action (Analyze / Block) applied to the selected service set or to all services listed in the table.
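
How a check like Block reserved services can be made, as an added example that is not the firewall's own code: it reads the BER service tag of a confirmed request and applies the page's Analyze / Block actions. It assumes the ISO 9506 encoding (PDU tag [0], INTEGER invokeID, optional modifier list, then the context-tagged service choice) and an MMS PDU already extracted from the lower layers; the function names and sample bytes are constructed for illustration.

```python
# Assumption: ISO 9506 BER layout, PDU tag [0], INTEGER invokeID, then service.
RESERVED_SERVICE_ID = 79  # ID the page gives for "Reserved service"
# Constructed sample PDUs: a status request [0] and a request using tag [79].
STATUS_REQUEST = bytes.fromhex("a006020101800100")
RESERVED_REQUEST = bytes.fromhex("a006020103bf4f00")

def read_tag(buf, pos):
    """Return (tag_class, tag_number, next_pos) for the identifier at pos."""
    first, pos = buf[pos], pos + 1
    number = first & 0x1F
    if number == 0x1F:  # high-tag-number form: base-128 digits follow
        number, more = 0, True
        while more:
            octet, pos = buf[pos], pos + 1
            number = (number << 7) | (octet & 0x7F)
            more = bool(octet & 0x80)
    return first >> 6, number, pos

def read_length(buf, pos):  # returns (length, next_pos), definite form only
    first, pos = buf[pos], pos + 1
    if first < 0x80:
        return first, pos
    count = first & 0x7F
    if count == 0 or pos + count > len(buf):
        raise ValueError("indefinite or truncated BER length")
    return int.from_bytes(buf[pos:pos + count], "big"), pos + count

def confirmed_service_id(pdu):
    """Return the service choice number carried by a confirmed request."""
    try:
        tag_class, number, pos = read_tag(pdu, 0)
        if (tag_class, number) != (2, 0):
            raise ValueError("not a confirmed-request PDU")
        length, pos = read_length(pdu, pos)
        if pos + length != len(pdu):
            raise ValueError("declared length does not match the PDU")
        while True:  # skip universal elements (invokeID, modifiers)
            tag_class, number, pos = read_tag(pdu, pos)
            if tag_class == 2:  # first context tag is the service choice
                return number
            length, pos = read_length(pdu, pos)
            pos += length
    except IndexError:
        raise ValueError("truncated PDU") from None

def action_for(pdu, block_reserved=True):
    """Map a request to the page's Analyze / Block actions."""
    reserved = confirmed_service_id(pdu) == RESERVED_SERVICE_ID
    return "Block" if reserved and block_reserved else "Analyze"
```

Tag 79 does not fit in a single identifier octet, so it arrives in the two-octet high-tag-number form (`bf 4f` in the sample); a filter that reads only the first octet would not recognize it.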

"Additional confirmed services" tab

This table lists the additional confirmed MMS services (services that require a reply) predefined on the firewall, classified by service group:

  • VMD Support,
  • Program Invocation Management,
  • Unit Control,
  • Event Condition.

Predefined additional MMS services are allowed by default (Analyze action) and this action can be modified for each one of them. The Modify all services button makes it possible to edit the action (Analyze / Block) applied to all services listed in the table.

Support

Disable intrusion prevention: When this option is selected, the scan of the MMS protocol is disabled and traffic is authorized if the filter policy allows it.

Automatically detect and inspect the protocol: If the MMS protocol is enabled, inspection is applied automatically to any corresponding traffic that the filter rules allow.

IEC 61850 MMS (IPS) tab

IEC 61850 is a communication standard used by substation protection systems in the electrical energy industry.

Specifically, IEC 61850 is used in communications between intelligent electronic devices located on distribution substations in a power grid. Intelligent electronic devices, also known as IEDs, essentially include microprocessor-based protective relays, measuring devices, programmable logic controllers, and fault and event recorders. With these devices, power grids can be monitored in real time, therefore making the substation “intelligent”.

Manage IEC 61850 services

This table lists the IEC61850 MMS services that have been predefined on the firewall, classified by service group:

  • Setting Group Control Block,
  • Server,
  • Report Control Block,
  • Logical Node,
  • Logical Device,
  • Log Control Block,
  • GSSE,
  • GOOSE,
  • File transfer,
  • Data Set,
  • Data,
  • Control.

IEC61850 MMS services are allowed by default (Analyze action) and this action can be changed for each one of them. The buttons Block by service set, Analyze by service set and Modify all services make it possible to edit the action (Analyze / Block) applied to the selected service set or to all services listed in the table.

Whitelisted logical nodes

This grid lists the services that do not need the IEC61850 MMS protocol analysis.

Enable whitelist: When this checkbox is selected, the whitelist is enabled so that MMS services to be excluded from the analysis can be added to it.

It is possible to Add or Delete MMS services to be whitelisted by clicking on the corresponding buttons.

The Select all button makes it possible to select all services found in the whitelist to Delete them in a single operation.