Configure the Security Policy Model
The security policy model, composed of zones, devices, conduits, and their respective
CIP Security
properties, is configured in FactoryTalk Policy Manager
. The zones and conduits provide micro-segmentation within the security policy model. The security policy model is deployed to the devices in the IACS via FactoryTalk Policy Manager
.
TIP:
Install
FactoryTalk Policy Manager
version 6.50.00 or later and FactoryTalk
System Services version 6.50.00 or later.
IMPORTANT:
When
FactoryTalk Linx
is included in a CIP Security
zone, it is required that FactoryTalk Linx
retain the IP address of the computer when FactoryTalk Policy Manager
deploys the CIP Security
configuration. To accomplish this, the computer must be configured to use a static or fixed IP address, or the network BOOTP or DHCP server must always provide the computer with the same IP address. If the computer’s IP address is changed after CIP Security
is deployed, FactoryTalk Linx
will not be permitted to establish a connection to controllers or devices using CIP Security
.For more information on the configuration, deployment, backup, and restoration of the security policy model, see and .
FactoryTalk Policy Manager
Getting Results GuideCIP Security
with Rockwell Automation
Products Application TechniqueProvide Feedback