Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84546members
353802posts

[Imported] FTP and SFTP

EcoStruxure Geo SCADA Expert Forum

Find out how SCADA systems and networks, like EcoStruxure Geo SCADA Expert, help industrial organizations maintaining efficiency, processing data for smarter decision making with IoT, RTU and PLC devices.

Solved
sbeadle
Janeway Janeway
Janeway
0 Likes
1
755

[Imported] FTP and SFTP

>>Message imported from previous forum - Category:Bulk Edit Tool<<
User: ROVSCADAENGINEER, originally posted: 2019-06-21 01:16:24 Id:456
Does Schneider offer SFTP on the RTU's to ward off security compromise or do the units only allow for standard STP. if so do they allow the option of active or passive FTP?


Accepted Solutions
sbeadle
Janeway Janeway
Janeway
0 Likes
0
754

Re: [Imported] FTP and SFTP

>>Responses imported from previous forum


Reply From User: BevanWeiss, posted: 2019-07-10 23:31:01
The documentation indicates that the FTP server on the SCADAPack RTUs (E series and x70) does NOT support PASV. However I've had clients with Passive Mode enabled work successfully, and it seemed to respond ok to the PASV command.

There is no SFTP or FTPS at this stage however. I've raised this with Schneider Tech Support (via the appropriate support channels) and would advise that you do similar.

I would recommend the use of FTPS over SFTP. FTPS is supported by IIS (as an FTPS server) and uses standard TLS secure channels (as per HTTPS) making it a more seamless migration (for other services).


Reply From User: adamwoodland, posted: 2019-07-11 22:27:27
However SCADAPacks don't run Windows 🙂

Using OpenSSH which provides SFTP client and server is probably more the likely (not that I'm involved with the product side anyway)


Reply From User: BevanWeiss, posted: 2019-08-12 04:29:28
[at]adamwoodland said:
However SCADAPacks don't run Windows 🙂

Using OpenSSH which provides SFTP client and server is probably more the likely (not that I'm involved with the product side anyway)

OpenSSH is probably better than going with OpenSSL for secure socket 'stuff' at the moment, although there are a number of other good TLS/SSL libraries which are gaining traction. mbed TLS / NSS..

I guess VxWorks fixes will take priority for a little while however.

See Answer In Context

1 Reply 1
sbeadle
Janeway Janeway
Janeway
0 Likes
0
755

Re: [Imported] FTP and SFTP

>>Responses imported from previous forum


Reply From User: BevanWeiss, posted: 2019-07-10 23:31:01
The documentation indicates that the FTP server on the SCADAPack RTUs (E series and x70) does NOT support PASV. However I've had clients with Passive Mode enabled work successfully, and it seemed to respond ok to the PASV command.

There is no SFTP or FTPS at this stage however. I've raised this with Schneider Tech Support (via the appropriate support channels) and would advise that you do similar.

I would recommend the use of FTPS over SFTP. FTPS is supported by IIS (as an FTPS server) and uses standard TLS secure channels (as per HTTPS) making it a more seamless migration (for other services).


Reply From User: adamwoodland, posted: 2019-07-11 22:27:27
However SCADAPacks don't run Windows 🙂

Using OpenSSH which provides SFTP client and server is probably more the likely (not that I'm involved with the product side anyway)


Reply From User: BevanWeiss, posted: 2019-08-12 04:29:28
[at]adamwoodland said:
However SCADAPacks don't run Windows 🙂

Using OpenSSH which provides SFTP client and server is probably more the likely (not that I'm involved with the product side anyway)

OpenSSH is probably better than going with OpenSSL for secure socket 'stuff' at the moment, although there are a number of other good TLS/SSL libraries which are gaining traction. mbed TLS / NSS..

I guess VxWorks fixes will take priority for a little while however.