You can configure your system so that Virtual ViewX and Original WebX clients can access the Geo SCADA Expert database via non-secure HTTP connections (see Define the Ports Settings for Original WebX Clients). As HTTP connections are unsecure, potentially the communications could be intercepted and used for malicious purposes. For this reason, Geo SCADA Expert has certain safeguards in place by default:
- If you have HTTP (unsecure) and HTTPS (secure) ports enabled, Geo SCADA Expert will automatically use HTTPS for logging on and writing to the database (issuing controls, etc.). The HTTPS port is used even if the Virtual ViewX or Original WebX user initially connected via a HTTP port. When HTTPS is available, Geo SCADA Expert uses it in preference to HTTP to help protect your system from unauthorized access.
- If you have HTTP ports enabled, but HTTPS ports disabled, Geo SCADA Expert will only allow users to browse by default. They will not be able to log on or issue controls.
However, in certain specific circumstances (such as testing a system), there may be a need for an engineer to log on and issue controls via an unsecure connection. To facilitate this, the Server Configuration Tool’s WebX settings include an Allow Logon and Database Writes Over Non-Secure HTTP check box.
When selected, this will allow engineers to log on and issue controls over a HTTP connection.
You should only select the Allow Logon and Database Writes Over Non-Secure HTTP check box if you are fully aware of the security risks and are prepared to accept the lowered level of security. We would not advise selecting the check box on a fully commissioned live system. Once the commissioning work using non-secure connections is complete, and before the system goes live, ensure that the check box is cleared so that log ons and write actions only take place over secure connections.
POTENTIAL SECURITY BREACH