Overview

You can open the ACCESS CONTROL VIEW either way:

  • By clicking Open Access Control View in the context menu of the system project name in the SYSTEM PROJECT pane.

  • By clicking Access Control View in the Open With submenu of a module.

  • By clicking Edit in the Access Control attribute of the SECURITY tab of modules managing security attributes.

  • By using the Views menu in the toolbar.

It gives you an overview of the Ethernet communication permissions that are configured for devices that exist in your system project and that manage security attributes.

The view is refreshed when you or other users modify the configuration of objects that are shown.

NOTE: You need to enable Ethernet services and access control at the module level by using the SECURITY tab of the PROPERTIES pane before you can configure them in this view.

Description

The following figure shows an example of the ACCESS CONTROL VIEW of a system project.

Item

Description

1

Column showing modules of devices that exist in the system project and that manage security attributes related to Ethernet communication.

2

For each module that appears in the Device column, the IP addresses of devices that are authorized to communicate with the device by sending requests to it.

Instead of or in addition to individual IP address, existing logical networks can appear. This allows any device that belongs to the logical network to communicate with the module.

The field is empty by default.

3

Shows the Ethernet services that are featured by the modules and which ones are used when access control is enabled at the module level.

You can enable (check box selected) or disable services individually for each authorized address. The corresponding service must be enabled at the module level first (if applicable).

Disabling a service at the module level makes the service unavailable in this view and resets its value for all authorized entries of the module.

4

Device for which the IP address of an authorized device and a logical network have been added.

5

Authorized logical network. The CIDR notation suffix and subnet address of the network are indicated.

6

IP address of a device authorized to communicate with the module.

7

Module for which no authorized IP address nor logical network has been added.

NOTE: You can shift columns and sort and filter entries.

Context Menu Commands

The table describes the context menu commands of objects that are specific to the ACCESS CONTROL VIEW . For a description of the other commands, refer to the topic describing device context menu commands.

Object

Command

Description

Device

Add Authorized Address

Opens a dialog box that lets you add:

Authorized address

Delete

Removes the address or the selection of addresses from the view and revokes the permission to communicate with the device.

Multiselection of Entries

When you select multiple devices in the ACCESS CONTROL VIEW, the PROPERTIES pane shows the tabs and attributes that they have in common.