Concept
Encrypted Communication
To increase the security of your data, you can disable incoming HTTP communication and MD5 encryption.
You disable incoming HTTP communication to increase the security of your system. Only the incoming communication is affected, so EcoStruxure Building Operation software still works as an EcoStruxure web service client.
When HTTP is disabled, HTTPS must be used between EcoStruxure BMS servers and clients like WebStation and WorkStation. Between EcoStruxure BMS servers, HTTPS or TCP must be used. Ensure that the communication protocol HTTPS between servers is secure.
An EcoStruxure web service client using HTTP cannot receive information from an EcoStruxure BMS server on which incoming HTTP communication is disabled. An EcoStruxure web service client using HTTPS can still receive information from an EcoStruxure BMS server on which incoming HTTP communication is disabled.
For more information, see Disabling Incoming HTTP Communication .
Disable MD5 Hash
If you want the EcoStruxure BMS servers to use only strong algorithms for encryption, such as AES128 and SHA256, you have to disable MD5 hash. MD5 hash must be disabled for you to use Federal Information Processing Standards (FIPS).
For more information, see Disabling MD5 Hash .
Redirect Web Client to HTTPS
You can force users to only use HTTPS when they access an EcoStruxure BMS server using WebStation.
For more information, see Redirecting Web Clients to HTTPS .
Security Overview
Disabling Incoming HTTP Communication
Disabling MD5 Hash
Redirecting Web Clients to HTTPS