FactoryTalk Security System Configuration Guide
FactoryTalk Security System Configuration Guide
Quick Start
Rockwell Automation Publication FTSEC-QS001Q-EN-E - March 2021 Supersedes Publication FTSEC-QS001P-EN-E - September 2020
Original Instructions
FactoryTalk Security System Configuration Guide
Important User Information
Read this document and the documents listed in the additional resources section about installation, configuration, and operation of this equipment before you install, configure, operate, or maintain this product. Users are required to familiarize themselves with installation and wiring instructions in addition to requirements of all applicable codes, laws, and standards. Activities including installation, adjustments, putting into service, use, assembly, disassembly, and maintenance are required to be carried out by suitably trained personnel in accordance with applicable code of practice. If this equipment is used in a manner not specified by the manufacturer, the protection provided by the equipment may be impaired. In no event will Rockwell Automation, Inc. be responsible or liable for indirect or consequential damages resulting from the use or application of this equipment. The examples and diagrams in this manual are included solely for illustrative purposes. Because of the many variables and requirements associated with any particular installation, Rockwell Automation, Inc. cannot assume responsibility or liability for actual use based on the examples and diagrams. No patent liability is assumed by Rockwell Automation, Inc. with respect to use of information, circuits, equipment, or software described in this manual. Reproduction of the contents of this manual, in whole or in part, without written permission of Rockwell Automation, Inc., is prohibited. Throughout this manual, when necessary, we use notes to make you aware of safety considerations.
WARNING: Identifies information about practices or circumstances that can cause an explosion in a hazardous environment, which may lead to personal injury or death, property damage, or economic loss.
ATTENTION: Identifies information about practices or circumstances that can lead to personal injury or death, property damage, or economic loss. Attentions help you identify a hazard, avoid a hazard, and recognize the consequence.
IMPORTANT Identifies information that is critical for successful application and understanding of the product. Labels may also be on or inside the equipment to provide specific precautions.
SHOCK HAZARD: Labels may be on or inside the equipment, for example, a drive or motor, to alert people that dangerous voltage may be present.
BURN HAZARD: Labels may be on or inside the equipment, for example, a drive or motor, to alert people that surfaces may reach dangerous temperatures.
ARC FLASH HAZARD: Labels may be on or inside the equipment, for example, a motor control center, to alert people to potential Arc Flash. Arc Flash will cause severe injury or death. Wear proper Personal Protective Equipment (PPE). Follow ALL Regulatory requirements for safe work practices and for Personal Protective Equipment (PPE).
2
Rockwell Automation Publication FTSEC-QS001Q-EN-E - March 2021
Preface
Table of Contents
Summary of changes .................................................................................. 9 About this publication ................................................................................ 9 Additional resources ..................................................................................10 Legal Notices...............................................................................................10
About FactoryTalk systems
Chapter 1
FactoryTalk systems................................................................................... 13 FactoryTalk Directory types ................................................................ 15 Accounts and groups............................................................................ 16 Account types .......................................................................................18 Applications and areas........................................................................ 20 Security in a FactoryTalk system ....................................................... 20 Example: Two directories on one computer ..................................... 22
Install FactoryTalk Services Platform
Getting started with FactoryTalk Security
Chapter 2
Install FactoryTalk Services Platform ..................................................... 25 Install FactoryTalk System Services and FactoryTalk Policy Manager. 26
Chapter 3
FactoryTalk Security ................................................................................. 29 Security on a local directory ................................................................ 31 Security on a network directory.......................................................... 31 How security authenticates user accounts ........................................32 Things you can secure..........................................................................32 Best practices........................................................................................34 Audit trails and regulatory compliance..............................................36
Configure a computer to be the FactoryTalk Directory network server 38 Configure a computer to be the network directory server ...............39 Configure a network directory client computer................................39 Check network directory server connection status .......................... 40 FactoryTalk Directory Server Location Utility ................................... 41
Manage users
Chapter 4
Manage users .............................................................................................43 Add a FactoryTalk user account ..........................................................43 Add a Windows-linked user account..................................................45 Add group memberships to a user account ...................................... 46 Remove group memberships from a user account............................47 Delete a user account .......................................................................... 48
Rockwell Automation Publication FTSEC-QS001Q-EN-E - March 2021
3
Table of Contents
Manage user groups
Chapter 5
Manage user groups .................................................................................. 51 Add a FactoryTalk user group ............................................................ 52 Add a Windows-linked user group .....................................................53 Edit or view user group properties .....................................................55 Delete a user group ..............................................................................56 Add accounts to a FactoryTalk user group .........................................56 Remove accounts from a FactoryTalk user group .............................57
Manage computers
Chapter 6
Manage computers ....................................................................................59 Add a computer ....................................................................................59 Delete a computer ............................................................................... 60 Edit or view computer properties ....................................................... 61
Chapter 7
Add and remove user-computer Add and remove user-computer pairs......................................................63
pairs
Add a user-computer pair....................................................................63 Remove a user-computer pair .............................................................65
Edit or view user account properties..................................................65
Add and remove action groups
Chapter 8
Add and remove action groups.................................................................67 Add an action group.............................................................................67 Delete an action group........................................................................ 68 Add an action to an action group....................................................... 69 Remove an action from an action group ........................................... 69
Set system policies
Chapter 9
Authorize an application to access the FactoryTalk Directory .............. 72 FactoryTalk Service Application Authorization.................................73 FactoryTalk Service Application Authorization settings ..................73 Publisher Certificate Information ......................................................75 Digitally signed FactoryTalk products................................................76
Authorize a service to use FactoryTalk Badge Logon ..............................76 FactoryTalk Badge Authorization .......................................................77 FactoryTalk Badge Authorization settings.........................................77
Assign user rights to make system policy changes ................................. 78 User rights assignment policies..........................................................79 User Rights Assignment Policy Properties ....................................... 80 Configure Securable Action ............................................................... 80
4
Rockwell Automation Publication FTSEC-QS001Q-EN-E - March 2021
Table of Contents
Select a user or group...........................................................................81 Change the default communications protocol ....................................... 82
Default communications protocol settings ...................................... 82 Live Data Policy Properties................................................................. 83 Set network health monitoring policies .................................................. 84 Health Monitoring Policy Properties ................................................ 85 Set audit policies ....................................................................................... 86 Audit policies ....................................................................................... 87 Audit Policy Properties ....................................................................... 89 Monitor security-related events......................................................... 90 Example: Audit messages .................................................................... 91 Set system security policies ....................................................................... 91 Modify Account Policy Settings ......................................................... 92 Modify Computer Policy Settings.......................................................93 Modify Directory Protection Policy Settings .....................................95 Modify Password Policy Settings....................................................... 96 Modify Badge login policies ............................................................... 98 Enable single sign-on.......................................................................... 99 Disable single sign-on....................................................................... 100 Account Policy Settings .................................................................... 100 Computer Policy Settings..................................................................102 Directory Protection Policy Settings ................................................103 Cache expiration policies ..................................................................105 Password Policy Settings...................................................................106 Single Sign-On Policy Settings .........................................................109 When to disable single sign-on ......................................................... 110 Security Policy Properties.................................................................. 110 Navigate the Policy Properties windows .................................................111 Export policies to XML............................................................................. 112
Set product-specific policies
Chapter 10
Secure features of a single product ........................................................ 114 Secure multiple product features ........................................................... 114 Feature Security for Product Policies ..................................................... 115 Feature Security Policies.......................................................................... 116 Differences between securable actions and product policies ............... 116
Manage logical names
Chapter 11
Logical names........................................................................................... 119 Add a logical name ................................................................................... 121 Delete a logical name ...............................................................................122 Add a device to a logical name.................................................................122
Rockwell Automation Publication FTSEC-QS001Q-EN-E - March 2021
5
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- hpe integrated lights out ilo
- application code manager user manual
- strategic management in policing the role of the
- factorytalk security system configuration guide
- windows authentication qualys
- user manual for plc programming ifm
- mcwp 3 40 2 information management
- slc console manager user guide lantronix
- eaton intelligent power protector ipp user s guide
Related searches
- security classification guide army
- security classification guide dod
- a security classification guide scg is
- sap dms configuration guide pdf
- dod security classification guide handbook
- security classification guide training
- what information do security classification guide scg
- system configuration utilities
- best system configuration windows 10
- free security study guide download
- security free study guide pdf
- security study guide 501