SCALANCE W778-1 / W738-1
Operating Instructions, 03/2022, C79000-G8976-C450-07
11
Security recommendations
3
To prevent unauthorized access to the device and/or network, observe the following
security recommendations.
General
•
Check the device regularly to ensure that these recommendations and/or other
internal security policies are complied with.
•
Evaluate the security of your location and use a cell protection concept with suitable
products (
https://www.siemens.com/industrialsecurity
•
When the internal and external network are disconnected, an attacker cannot access
internal data from the outside. Therefore operate the device only within a protected
network area.
•
No product liability will be accepted for operation in a non-secure infrastructure.
•
Use VPN to encrypt and authenticate communication from and to the devices.
•
For data transmission via a non-secure network, use an encrypted VPN tunnel (IPsec,
OpenVPN).
•
Separate connections correctly (WBM, SSH etc.).
•
Check the user documentation of other Siemens products that are used together with
the device for additional security recommendations.
•
Using remote logging, ensure that the system protocols are forwarded to a central
logging server. Make sure that the server is within the protected network and check
the protocols regularly for potential security violations or vulnerabilities.
WLAN
•
We recommend that you ensure redundant coverage for WLAN clients.
•
More information on data security and data encryption for SCALANCE W is available
in SCALANCE W: Setup of a Wireless LAN in the Industrial Environment
https://support.industry.siemens.com/cs/ww/en/view/22681042
Authentication
Note
Accessibility risk - Risk of data loss
Do not lose the passwords for the device. Access to the device can only be restored by
resetting the device to factory settings which completely removes all configuration data.