5.6.3
Access protection and rights
5.6.3.1
SINAMICS access protection
The complete access protection in the web server comprises 3 components:
● SINAMICS Write and know-how protection
The specified settings of the write and know-how protection – including password protection
– also apply for access via the web server to the drive parameters and configuration. The
protection cannot be bypassed via the web server.
An OEM exception list specifies which parameters can also be displayed in the web server,
despite know-how protection being activated.
If access is not possible because of these settings, a corresponding message text is
displayed on the web pages.
● Web server access protection (Page 59)
The web server access protection can be used to limit access to the user "Administrator"
and/or "SINAMICS" with the corresponding rights.
Use a secure password for both logins.
● Access protection for parameter lists in the web server (Page 61)
Access rights to parameter lists in the web server can be defined by the "Administrator"
user for each parameter list.
For security reasons, as the "Administrator" user, you should never assign the "SINAMICS"
user with the "write" and "change list" rights at the same time. Otherwise, the "SINAMICS"
user would be able to change any chosen parameter at access levels 1 - 3.
Summary
The most effective access protection is a combination of the aforementioned safety
mechanisms.
NOTICE
Tampering with the converter parameter assignment resulting from password theft
If unauthorized persons obtain a user's login data, they can manipulate the parameter
assignment and cause damage.
● For your drive, activate the know-how protection. For more information, refer to the chapter
titled "Know-how protection".
● Ensure that especially critical parameters are not included in the OEM exception list.
5.6.3.2
Web server access protection
Both user logins with the following standard rights are available for the SINAMICS web server:
User
Login name Function
Standard
rights
User 1
SINAMICS
Diagnostics
user
Activated Read access rights and the right to ac‐
knowledge faults.
User 2
Administra‐
tor
Parameter as‐
signment user
Deactiva‐
ted
Access rights for modifying systems and
projects and the right to acknowledge
faults.
Security measures for SINAMICS
5.6 Web server
Industrial Security
Configuration Manual, 08/2017, A5E36912609A
59