System configuration and hardening
3
3.1
Data security
SIMATIC IPC277E saves the converter data unencrypted. To ensure data security, observe the
following:
• Always keep the Windows Firewall activated to protect the device.
• Before returning or disposing operator panel (HMI device), delete all data on the IPC.
• Regularly back up the system image. Additional information is provided in Section
"Installation, update, backup and recovery (Page 71)".
• Protect the backup data against loss and manipulation.
3.2
Windows security center
The Windows Security Center issues a warning when switching on the IPC. The Security Center
checks the status of the device regarding the subsequently listed important security aspects. If
a problem has been identified, the Security Center issues a warning and makes
recommendations as to how to better protect the device.
• Firewall: The Windows Firewall helps to protect the device by preventing unauthorized users
from accessing the device via a network or through the Internet. Windows checks as to
whether the device is protected by a software firewall. The firewall is activated when the
device is supplied. Always keep the Windows Firewall activated to protect the device.
• Preinstalled Windows Defender: Windows Defender protects the device against viruses
and other security threats. Windows checks as to whether comprehensive antivirus software
is currently being used on the device. There is no antivirus software installed when the device
is delivered. Do not install any antivirus software. The device is adequately protected without
requiring antivirus software. See also "Other softwares" part in Section "Security
recommendations (Page 8)".
• Real-time protection: Windows Defender issues a warning if spyware or possibly
undesirable software is installed or run on the IPC. A warning is also issued if programs
attempt to change important Windows settings.
Configure the Security Center corresponding to the requirements.
In addition, the Siemens CERT guidelines (https://www.cert.siemens.com/) are applied to the
device.
3.3
Whitelist
The basic philosophy of whitelisting is that all applications are mistrusted, unless they have been
classified as trustworthy after an appropriate check. This means that a whitelist is maintained in
the system. This whitelist therefore contains all applications that have been classified as
trustworthy and consequently can be run on your IPC systems.
Operator panel for SINAMICS Perfect Harmony GH150 air-cooled MV Converters
Function Manual, 12/2022, A5E51241343A
11
Summary of Contents for SINAMICS PERFECT HARMONY GH150
Page 2: ......
Page 135: ......
Page 136: ... HUPDQ XUWKHU QIRUPDWLRQ ZZZ VLHPHQV FRP 6LHPHQV DUJH ULYHV SSOLFDWLRQV 9RJHOZHLKHUVWU 1 51 5 ...