Concept
Encrypted Communication
To increase the security of your data, you can disable incoming HTTP communication and MD5 encryption.
HTTP communication is disabled to increase the security of your system. Only the incoming HTTP communication is affected, so disabling HTTP communication does not affect EcoStruxure Building Operation software as an EcoStruxure web service client.
When HTTP is disabled, HTTPS must be used between EcoStruxure BMS servers and clients like WebStation and WorkStation. Between EcoStruxure BMS servers, HTTPS or TCP must be used. Ensure that the communication protocol HTTPS between servers is secure.
An EcoStruxure web service client using HTTP cannot receive information from an EcoStruxure BMS server on which HTTP communication is disabled. An EcoStruxure web service client using HTTPS can still receive information from an EcoStruxure BMS server on which HTTP communication is disabled.
Disable MD5 Hash
If you want the EcoStruxure BMS servers to use only strong algorithms for encryption, such as AES128 and SHA256, you have to disable MD5 hash. MD5 hash must be disabled for you to use Federal Information Processing Standards (FIPS).
Redirect Web Client to HTTPS
You can force users to only use HTTPS when they access an EcoStruxure BMS server using WebStation.
Security Overview
Disabling Incoming HTTP Communication
Disabling MD5 Hash
Redirecting Web Clients to HTTPS
Security Settings – Control Panel