The Signature is for DNP3 Secure's function 'Authentication Request'. This is an Authentication Request which is a request from the Master to the Outstation in response to a Response message being received. Reason for detecting this message is to note that the Outstation has DNP3 Secure enabled, authorised Master is communicating with DNP3 Secure or to detect that an unathorised Master is trying to communicate with the Outstation. The signature its self should be configured in order to detect unauthorised Masters on the network. Alternatively be configured in combination with other signatures to detect if an Outstation has changed its DNP3 Secure credentials for the Challenge and Response with the Master. Signature checks for: * DNP3 Start Delimiter * Minimum size for a function requestYou are entitled to use this signature only if you have purchased an IPS SCADA Signature License.
LEGAL DISCLAIMER THE INFORMATION ON THIS PAGE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION CONTAINED HEREIN, OR MATERIALS LINKED FROM THE DOCUMENT, IS AT YOUR OWN RISK. INFORMATION IN THIS DOCUMENT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.