During the installation of DeltaV, inbound firewall rules for DeltaV and Emerson products were created and stored for the Windows firewall. These rules allow inbound communication on the port specified in the rule. All rules are disabled by default, meaning the ports are not open for inbound communications. The default Windows firewall settings allow all outbound communications on all ports (this follows the CIS (Center for Internet Security) recommendations).
Firewall rules are applied only to the profiles and network interface cards specified in the Windows Firewall Advanced Settings dialog.
Enable/disable the rules through the DeltaV Security Administration application. You can view the rules' properties in the Windows firewall interface.
With the Windows firewall enabled, all default Windows firewall rules are applied. The DeltaV rules are in addition to the default Windows firewall rules.
Do not edit the DeltaV rules. If you need a specific rule, you must create a new rule and configure it as needed. Any rules created by you are your responsibility to test and validate with your DeltaV system.
You can create a new rule by copying the existing DeltaV rule and modifying it. Open the Windows Firewall with Advanced Security application and select the DeltaV rule (for example, OPC: OPC UA Server). Copy and paste the rule and rename it to something meaningful. Edit the rule's properties to change what is needed; for example, a different default OPC UA Server TCP port to match what you have configured in DeltaV Explorer (for that protocol). Enable the new rule as an incoming rule on non-DeltaV networks. You are still responsible for testing and validating this change works in your DeltaV system.
The firewall rules are removed when DeltaV is uninstalled.