Concept
Security Overview
EcoStruxure Building Operation software has a number of features that helps you increase the security in your system.
Firewall
You can configure the devices that are allowed to communicate with the automation server to prevent connection attempts from unauthorized devices. The IP addresses of the devices that are allowed to communicate with the automation server are added to the whitelist.
For more information, see Firewall .
Password Policy
You can increase the password security by configuring a password policy that defines how passwords must be created by the users.
For more information, see Password Policy .
Embedded Content in WebStation
For security reasons, the default setting is for WebStation to not be embedded in another web site and for other contents to not be embedded in WebStation. However, you can change this security setting in WorkStation.
For more information, see Security Configuration in WebStation .
Automatic Log Off
The automatic logoff function makes it possible for the system to automatically log off a user after a specified time of inactivity.
For more information, see Automatic Logoff .
Security Banner
A security banner is displayed when a user enters a secure system. The security banner notifies the user of the legal rights connected to the use of the information in the secure system.
For more information, see Security Banner .
Certificates
The EcoStruxure Building Operation software supports certificates. Certificates are electronic credentials that are used to certify the identities of computers, and other entities on a network.
For more information, see Certificates .
Certificates and SSL Security in Device Administrator
You can increase the security between the Device Administrator and automation servers using certificates and SSL security configuration.
For more information, see Certificates and SSL Security in Device Administrator .
Encrypted Communication
To increase the security of your data, you can disable incoming HTTP communication and allow only high security communication.
For more information, see Encrypted Communication .
Web Server Access Logging
You can log all web server HTTP access to the Enterprise Server and the Enterprise Central.
For more information, see Web Server Access Logging .
Automation Server Remote System Logging
You can log all successful and unsuccessful attempt to log on to your automation server.
For more information, see Automation Server Remote System Logging .
Connect Agent
To prevent data transfer over the cloud server, you can disable the transfer of system information and crash information of the Enterprise Central and the Enterprise Server and its automation server.
For more information, see Connect Agent Overview .
Document Policy
You can increase the security in your system by configuring the document policy. The document policy controls which file types a user can open, save, and import.
For more information, see Document Policy .
Disable Automation Server Ports
You can disable port 22 and the USB ports on the automation server.
For more information, see Disable Automation Server Ports .
Change Control
Change Control is a way to require that a user add a comment and signature for changes made in the system.
For more information, see Change Control .
Firewall
Password Policy
Security Configuration in WebStation
Automatic Logoff
Security Banner
Certificates
Encrypted Communication
Web Server Access Logging
Automation Server Remote System Logging
Connect Agent Overview
Document Policy
Disable Automation Server Ports
Change Control