Action required: Apply the fix for SNS firewall disks.
Please follow the procedure described in the How to update my SSD Firmware - Stormshield Knowledge Base article (authentication required).
|Maximum number of pending requests||Maximum number of requests without responses in a single session. This value has to be between 1 and 512 (default value: 10).|
|Maximum request duration (seconds)||This value is the period after which requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10).|
|Maximum message size (bytes)||This value makes it possible to restrict the size allowed for a message. It has to be between 11 and 3837 (default value: 960).|
Managing function codes
This table lists the codes and associated S7 operations that have been predefined on the firewall. These codes are classified by operation set: JOB and USERDATA (from different groups).
Predefined S7 operations are allowed by default (Analyze action). The buttons Block by operation set, Analyze by operation set and Modify all operations allow modifying the action (Analyze / Block) applied to the selected operation set or to all S7 operations listed in the table.
Other blocked JOBS
This list allows prohibiting additional S7 function codes or code ranges belonging to the JOB operation set. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.
Other blocked USERDATA groups
This list allows prohibiting whole sets or ranges of whole sets of USERDATA operations. It is possible to Add or Delete elements to or from this list by clicking on the relevant buttons.
|Disable intrusion prevention||When this option is selected, the scan of the S7 protocol will be disabled and traffic will be authorized if the filter policy allows it.|
|Log each S7 request||Enables or disables the logging of S7 requests.|