Security Policies

Included with KEPServerEX, no purchase necessary.
Download Free Demo

Product Overview

Security Policies allows administrators to assign security access permissions on individual objects (such as channels, devices, and tags) based on the role of the user interacting with the Runtime project. It is used in conjunction with the server's User Manager, which enables management of user groups, users, and default security settings.

Prior to KEPServerEX Version 6, the Security Policies advanced plug-in was an independently-licensed feature.

Security Policies



  • Allow and deny Dynamic Tag addressing
  • Organize security policies by user groups
  • Support for the following user group access categories:
    • Dynamic Addressing
    • I/O Tags
    • System Tags
    • Internal Tags
    • Browsing
  • Support for the following user group permissions types:
    • Read
    • Write
    • Browse
  • View and locate prior changes through the advanced plug-in interface’s font styling hierarchy and color scheme
  • Copy permissions for the current access category to/from a user group
  • Move permissions for the current access category to/from a user group
  • Clear all custom permissions from an access category

Available Languages

  • English

Release Notes



  • Resolved an issue where certain device properties could not be edited if the Security Policies Plug-In applied a custom access rule on the device. The Security Policies Plug-In created a reference on the device that the device interpreted as a client reference. By default, KEPServerEX does not allow device edits if a client is referencing the device. The Security Policies Plug-In is no longer treated as a client reference and allows edits.

Requirements and Restrictions

  • Client Application Support
    • User Level Support: OPC UA
    • Anonymous Login Support: OPC DA, OPC .NET, OPC AE, Wonderware SuiteLink, and GE IP NIO
  • Project Files
    • Once security permissions have been applied in the Security Policies tab, the project can only be saved as a .opf file; .xml is no longer an option.
    • A project that contains security permissions will require Security Policies to be installed in order to load the file.