In addition to setting up security on individual Tags, you can set up security policies specific to each Security Zone. Tag Access is one of the options for a Security Policy. This is configured on the Gateway Webpage in the Config tab under Service> Security.
For a Security Zone, you can set up one of five access levels to each Tag Provider:
The security zone inherits the access level that is set in the Default Provider Access Level field.
The security zone has no access to this tag provider.
The security zone has Read only access to this tag provider.
The security zone has Read and write access to this tag provider.
The security zone has Read, Write, and Edit access to this tag provider.
Configuring Tag Access
Typically, the Administrator will identify what zones have access to which Tag Providers.
Go to the Config tab of the Gateway Webpage.
Choose Security> Service Security from the menu on the left. The Service Security page is displayed. You will see a list of the existing Security Zones for your Gateway.
To setup or modify Tag access for a zone, click on the Edit button for that zone. The Security Policy page is displayed.
Scroll down to the Tag Access section.
In the Default Provider Access level, set the default access level to ReadWrite.
For the access level to the System Tag Provider, set the option to ReadOnly. Now this zone will only be able to see System Realtime Tag Provider Tags, but not write to them or edit them.
Click the Save button. You will see a confirmation message on the Service Security page. For more information, see Security Zones.