S7 PLUS
Protocol version
| Allow v2 protocol | Selecting this option will allow S7 Plus v2 packets to be analyzed If this checkbox is not selected, S7 Plus v2 packets will always be rejected. |
| Allow v3 protocol | Selecting this option will allow S7 Plus v3 packets to be analyzed If this checkbox is not selected, S7 Plus v3 packets will always be rejected. |
Configuring operations
| Start PLC | When this checkbox is selected, the firewall will automatically accept any S7 Plus request to start a PLC. |
| Set date and time | When this checkbox is selected, the firewall will automatically accept any S7 Plus request to set the date and time on a PLC. |
| Stop PLC | When this checkbox is selected, the firewall will automatically accept any S7 Plus request to shut down a PLC. |
| Download a program | When this checkbox is selected, the firewall will automatically accept any S7 Plus request to download programs for a PLC. |
| Send a program | When this checkbox is selected, the firewall will automatically accept any S7 Plus request to send programs for a PLC. |
Managing S7 Plus functions
Standard services tab
This grid lists the codes and corresponding S7 Plus functions that have been predefined on the firewall.
| Code | S7 Plus code number according to the Siemens naming system. |
| Service name | Service name assigned to the S7 Plus code according to the Siemens naming system. |
| Action | Indicates the action applied to the S7 Plus code. This action can either be Allow or Block. |
Possible operations
| Enter a filter | Enter numerical characters to filter the list of codes, or alphabetical characters to filter the list of standard services shown in the grid. |
| Select all | Selects all the lines shown in the grid so that a single action can be assigned to them (Allow/Block) by clicking on the relevant button. |
| Allow selection | Assigns the Allow action to the selected line (or to all lines if Select all was used). |
| Block | Assigns the Block action to the selected line (or to all lines if Select all was used). |
Custom services tab
In this grid, you can manage the custom S7 Plus codes and functions that the firewall will automatically accept.
Possible operations
| Enter a filter | Enter numerical characters to filter the list of custom service codes shown in the grid. |
| Select all | Selects all the lines shown in the grid to Delete them in a single action by clicking on the relevant button. |
| Add | Adds a custom S7 Plus service code in the grid. |
| Delete | Deletes the selected custom S7 Plus service code or all codes if Select all was used. |
S7 Plus configuration
| Max no. of pending requests | Maximum number of requests without responses in a single session. This value has to be between 1 and 512 seconds (default value: 50). |
| Max. duration of request(s) | This value is the period after which requests without responses will be deleted. This value has to be between 1 and 3600 seconds (default value: 10). |
Support
| Disable intrusion prevention | When this option is selected, the analysis of the S7 Plus protocol will be disabled and traffic will be allowed if the filter policy allows it. |
| Log each S7 Plus request | Enables or disables the logging of S7 Plus requests. |