Background

For devices with IP-based interfaces, you can access device data and device functions via the network in a read, write, or executable manner. The access options have been defined or have been specified by the responsible fieldbus user organizations for e.g. PROFINET or EtherNet/IP^TM networks.

If the extent of the network is limited to closed control cabinets or premises with limited accessibility, possible device access for a clearly defined group of people is also ensured via the IP-based interfaces. If the network is extended (e.g. connection of the controller to the office network), so that access to the IP-based device interfaces can also take place from outside via the network, you must take measures to prevent unwanted and unauthorized access. Suitable measures are defined, among other things, by IT-specific standards and may be based, for example, on vertical and horizontal network segmentation using routers and firewalls. In order to configure routers and firewalls, it is necessary to know the possible and required communication relationships and the TCP and UDP ports used for this purpose.

This document lists the TCP/IP and UDP/IP ports implemented in the interfaces of the devices as well as their authorizations and internal device security measures.

Ports and Services for Ethernet-Based Communications