113
InStALLAtIon And opErAtIon mAnuAL
25-13741-E
January 2020 www.eaton.com
APPENDIX
APPENDIX 7 - Cybersecurity Recommendations
produCt tEAm GuIdELInES
VoCALL 16
has been designed with cybersecurity as an important consideration.
A number of features are offered in the product to address cybersecurity risks.
These Cybersecurity Recommendations provide information to help users to deploy
and maintain the product in a manner that minimizes the cybersecurity risks.
These Cybersecurity Recommendations are not intended to provide a comprehensive
guide to cybersecurity, but rather to complement customers’ existing
cybersecurity programs.
Eaton is committed to minimizing the cybersecurity risk in its products and deploying
cybersecurity best practices in its products and solutions, making them more secure,
reliable and competitive for customers.
The following Eaton whitepapers are available for more information on general
cybersecurity best practices and guidelines:
Cybersecurity Considerations for Electrical distribution Systems (Wp152002En):
http://www.eaton.com/ecm/groups/public/@pub/@eaton/@corp/documents/content/
pct_1603172.pdf
Cybersecurity Best practices Checklist reminder (Wp910003En):
http://www.cooperindustries.com/content/dam/public/powersystems/resources/
library/1100_EAS/WP910003EN.pdf
Category
Description
Asset
Management
Keeping track of software and hardware assets in your environment is a pre-requisite for
effectively managing cybersecurity. Eaton recommends that you maintain an asset inventory
that uniquely identifies each important component. To facilitate this, VoCALL 16 supports
the following identifying information: manufacturer, type, serial number, Firmware version
number, manufacturing. Refer Section 11 for more information.
Physical
Security
An attacker with unauthorized physical access can cause serious disruption to system/
device functionality. Additionally, Industrial Control Protocols don’t offer cryptographic
protections, making ICS and SCADA communications especially vulnerable to threats to their
confidentiality. Physical security is an important layer of defense in such cases. VoCALL 16
is designed to be deployed and operated in a physically secure location. Following are some
best practices that Eaton recommends to physically secure your system/device:
• Secure the facility and equipment rooms or closets with access control mechanisms such
as locks, entry card readers, guards, man traps, CCTV, etc. as appropriate. Restrict physical
access to cabinets and/or enclosures containing VoCALL 16.
• Physical access to the telecommunication lines and network cabling should be restricted to
protect against attempts to intercept or sabotage communications. It’s a best practice to use
metal conduits for the network cabling running between equipment cabinets.
• VoCALL 16 ships with Ethernet port disabled by default. To enable the port,
refer to Section 18.
• Do not connect removable media (e.g.SD cards, etc.) for any operation (e.g., firmware
upgrade, configuration change, or boot application change) unless the origin of the media is
known and trusted.
• Before connecting any portable device through a USB port or SD card slot, scan the device
for malware and viruses.
Summary of Contents for VoCALL 16
Page 96: ...96 Installation and operation manual 25 13741 E January 2020 www eaton com 17 Log Viewer...
Page 103: ...103 Installation and operation manual 25 13741 E January 2020 www eaton com 18 Webserver...
Page 115: ...115 Installation and operation manual 25 13741 E January 2020 www eaton com Notes...