Eaton 9476-ET Скачать руководство пользователя страница 37

Страница: 37 / 43

INM 9476-ETG Rev 2

Category

Description

Account Management
(continued)

•

Leverage the roles / access privileges to provide

tiered access to the users as per the business

/operational need. Follow the principle of least

privilege (allocate the minimum authority level

and access to system resources required for

the role).

•

Perform periodic account maintenance

(remove unused accounts).

•

Ensure password length, complexity and

expiration requirements are appropriately set,

particularly for all administrative accounts (e.g.,

minimum 10 characters, mix of upper- and

lower-case and special characters, and expire

every 90 days, or otherwise in accordance with

your organization’s policies).

•

Enforce session time-out after a period of

inactivity.

Time Synchronization

Many operations in power grids and IT networks

heavily depend on precise timing information.
•

Ensure the system clock is synchronized

an authoritative time source (using manual

configuration, NTP, SNTP, or IEEE 1588). Please

refer to section 9.7.4 of this manual

Network Security

The 9476 Gigabit Switch supports network

communication with other devices in the

environment. This capability can present risks if

it’s not configured securely. Following are Eaton

recommended best practices to help secure the

network. Additional information about various

network protection strategies is available in

Eaton Cybersecurity Considerations for Electrical

Distribution Systems [R1].

Eaton recommends segmentation of networks into

logical enclaves, denying traffic between segments

except that which is specifically allowed, and

restricting communication to host-to-host paths (for

example, using router ACLs and firewall rules). This

helps to protect sensitive information and critical

services and creates additional barriers in the event

of a network perimeter breach. At a minimum, a

utility Industrial Control Systems network should

be segmented into a three-tiered architecture (as

recommended by NIST SP 800-82[R3]) for better

security control.

Eaton recommends opening only those ports that

are required for operations and protect the network

communication using network protection systems

like firewalls and intrusion detection systems /

intrusion prevention systems. Use the information

below to configure your firewall rules to allow

access needed for The 9476 Gigabit Switch to

operate smoothly
The default ports used on The 9476 Gigabit Switch

are:= 80 Web Port (HTTP)
443 Secure Web Port(HTTPS)

Содержание 9476-ET

Страница 1: ...9476 ET G Instrinsically Safe Gigabit Ethernet 6 Port Managed Switch May 2021 INM 9476 ETG Rev 2 Instruction manual MTL Industrial Network Solutions ...

Страница 2: ...ARATION OF CONFORMITY A printed version of the Declaration of Conformity has been provided separately within the original shipment of goods However you can find a copy of the latest version at http www mtl inst com certificates ...

Страница 3: ...TION 6 10 SPECIFICATION 8 11 APPROVALS 8 12 CERTIFICATE INSTALLATION 9 13 CONNECTING THE 9476 ET G TO A PC NETWORK 11 14 SYSTEM INFORMATION 12 15 PORT STATUS 13 16 NETWORK STATISTICS 14 17 MAC TABLE 15 18 ACTIVITY LOG 16 19 SYSTEM SETTINGS 17 20 PORT SETTINGS 18 21 REBOOT MEDIA CONVERTER 19 22 REBOOT SWITCH 19 23 LOGOUT OF CURRENT WEB SESSION 20 24 RESET BUTTON 20 25 CONTACT 21 26 APPENDIX A END U...

Страница 4: ...assemblies may not be used in explosion hazard area applications if they have been used previously in general electrical installations WARNING The responsibility for planning installation commissioning operation and maintenance particularly with respect to applications in explosion hazard areas lies with the plant operator During operation Make the relevant instructions available at all times to t...

Страница 5: ...g ET version Ta 40ºC to 70ºC Zone 1 Zone 21 mounting Zone 0 Zone 20 with a suitable Ex ia Power Supply Note PoEx is a simple adaptation of the IEEE 802 3af Power over Ethernet PoE standard to bring the benefits to the 9400 Range of Hazardous Area devices This allows two spare pairs in the existing Cat5e cable to distribute the power supply from a 9476 Ethernet Switch Power Sourcing Equipment PSE t...

Страница 6: ...Ex These variants suit different applications Power 12V DC is supplied to the module locally along with Power over Ethernet PoEx for the connected devices where required Note PoEx not available on Gigabit ports The compact and cost effective design makes it the ideal choice for many applications Petrochem Process Monitoring Control Mining Underground Communication Links PLC and Machine Monitoring ...

Страница 7: ...45 10 100 1000 BASE T Ethernet Pin 10 100 Function Gigabit Function 1 Tx BI_DA 2 Tx BI_DA 3 Rx BI_DB 4 PoEx 12V BI_DC 5 PoEx 12V BI_DC 6 Rx BI_DB 7 PoEx 0V BI_DD 8 PoEx 0V BI_DD Note PoEx only on LAN3 6 ports when 10 100 PoEx not available on Gigabit ports 3 3 LED indicators OFF FLASH ON PWR green Power Fail N A Power OK WDG red green Fault Green Healthy 10Hz Fault STAT red green N A Green Identif...

Страница 8: ... 5 DIMENSIONS Width 42mm Height 160mm Depth 140mm Weight 1500g Mounting Din Rail 6 ENVIRONMENTAL Operating Temperature 40 C 70 C Storage Temperature 40 C 70 C Humidity 0 95 RH non condensing Ingress Protection Select enclosure to suit application see certificates for information 7 WASTE REMOVAL INFORMATION The electronic equipment within must not be treated as general waste By ensuring that this p...

Страница 9: ...injected into the relevant screw terminals see connections section As the 9476 Ethernet switch supports Auto MDI MDI X a straight connected RJ45 Cat5e cable is used to connect to any device It is recommended that Cat5e cables for Hazardous Area Zone 1 use are Blue in colour and are of good quality see accessories section the Safe Area cables being a colour other than blue to aid identification The...

Страница 10: ...and EN 60079 26 Installation a Reference to the IEC code of practice IEC 60079 14 In addition particular industries or end users may have specific requirements relating to the safety of their installations and these requirements should also be met For the majority of installations the Directive 1999 92 EC the ATEX Directive safety of installations is also applicable b Unless already protected by d...

Страница 11: ...3 For Group III the module shall be mounted inside a suitably certified enclosure which provides a minimum degree of protection of at least IP54 The module shall be installed in a manner that does not impair the existing creepage and clearance distances 8 4 The supply to the modules must be derived from a suitably certified intrinsically safe supply 8 5 The values of Co and Lo shall apply when one...

Страница 12: ...r RJ45 x6 Cable Length Up to 100m Cat5e PoEx Power Source 11 APPROVALS Location of Unit Zone 1 IIBT4 hazardous area 9476 ETG Zone 1 IICT4 hazardous area 9476 ET Certification Code Ex ia IIB T4 Ga 9476 ETG Ex ia IIC T4 Ga 9476 ET Ex ia ia Da IIIC T135 C Db non mining Ex ia I Ma M1 mining Ta 40ºC to 70ºC Certificate numbers ATEX CML 19ATEX2414X IECEx IECEx CML 19 0150X QLD IECEx ExTC 20 0019X See ce...

Страница 13: ... be able to view the HTTPS pages of the unit securely you are required to install a SSL certificate Below are the steps required in the Google Chrome browser other browser setups are similar Click on the 3 dots in the top right corner of the browser Click Advanced Privacy and Security Manage certificates ...

Страница 14: ...ev 2 Click on theTrusted Root Certification Authorities Ab and click Insert Browse for the ca cert pem file and install it You will now get and entry in the list of certificates called Controlled Systems Ltd ECDSA root ...

Страница 15: ...can be found on the MTL website this will automatically search for and locate any 9476 units connected to the network Click on the device that you are looking to configure then click the configure IP settings button and this will bring up the following screen Manually type in the settings that you require and then enter the password CSL Click the apply button to send the settings to the 9476 Reboo...

Страница 16: ...unctioning correctly Hardware and Software version is shown here as well to ensure the latest firmware is being used The Password lockout timer indicates the time remaining if the configuration of the unit has been locked out due to the password being entered incorrect 3 or more times If intermittent problems exist check the Temperature and voltage settings as this may indicate what is wrong ...

Страница 17: ...13 INM 9476 ETG Rev 2 15 PORT STATUS This page shows the current status of the 6 ports on the 9476 The unit will display any connected Gigabit ports in green and any connected 10 100Mbps ports in Yellow ...

Страница 18: ...S On this page counters are shown to enable fault finding onyour network infrastructure There are 64 counters for the 4 external ports and the one internal port connected to the CPU The counters can be cleared using the Clear Statistics button ...

Страница 19: ...relation to the unit T Trunk Specifies the DPV value is the trunk ID DPV Destination Port Vector value is a bit pattern of the ports on the unit MAC Address The unique 48bit MAC address PRI The priority assigned to the MAC address FID Forwarding Information Database allows the same MAC Address on different ports ...

Страница 20: ...a the password shows any changes that have occured to the unit This includes configuration changes password entered wrong and other useful information The Clear Log button will empty the existing log NOTE The Factory Default Password is Pa55w076 without quotes ...

Страница 21: ...the IP Address of an NTP server to allow the unit to get the correct time NTP Request Frequency This is the frequency that the unit will request the time from an NTP server NTP Offset This value can be used to offset the time received from the NTP server This value is the number of hours the local time is different from Greenwich Mean Time GMT Network Settings Enter the various settings to allow t...

Страница 22: ...accessible via password allows the changing of the 6 Ethernet ports Mode Off Auto or Fixed Negotiation Duplex Half or Full Speed 10 Mbps 100Mbps 1Gbps 1000 Click Submit to save the selection NOTE The Factory Default Password is Pa55w076 without quotes ...

Страница 23: ...e factory reset code This page is only accessed via a password The default factory reset code is DEFA 22 REBOOT SWITCH This page allow the rebooting of the unit To reset enter the reboot device code This page is only accessed via a password The default reboot code is 4E5E NOTE The Factory Default Password is Pa55w076 without quotes ...

Страница 24: ...igure it The button has two functions depending on when it is pressed 1 Press on power up This puts the unit into Bootloader Mode ready for a firmware upgrade The watchdog LED flashes red and the status LED turns red also To exit this mode cycle the power to the unit 2 Press 1 2 seconds after power up Factory Default Mode This temporarily sets the unit to the defaults described in this manual IP A...

Страница 25: ...21 INM 9476 ETG Rev 2 25 CONTACT This page list the contacts for support and offers a quick way to access our websites ...

Страница 26: ...tion Utility Software for Eaton 9476 ET G Intrinsically Safe Gigabit Ethernet 6 Port Managed Switch The software can be accessed through a web Graphical User Interface GUI through an IP Address by physically connecting to the switch License Subject to the terms and conditions of this Agreement Eaton hereby grants to Authorized Party a limited non transferable non sublicensable non assignable non e...

Страница 27: ...Party waives and holds harmless Eaton from any claims resulting from any action taken by Eaton during or as a result of Eaton s investigation and or from any actions taken as a consequence of investigations by either Eaton or law enforcement related to the Authorized Party s use of the Product Services Updates and Events outside of Eaton s control Eaton may update or upgrade the Product Software a...

Страница 28: ...ces related to the Product Software Support Services Use of Support Services is governed by the policies and programs described in the Documentation and or other Eaton provided materials Any supplemental materials provided to Authorized Party as part of the Support Services shall be considered part of the Product Software as applicable and subject to the terms and conditions of this Agreement No W...

Страница 29: ... EMOTIONALDISTRESS OR SIMILAR DAMAGES OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES ARISING OUT OF OR RELATED TO AUTHORIZED PARTY S USE OR INABILITY TO USE THE PRODUCT SOFTWARE HOWEVER CAUSED REGARDLESS OF THE THEORY OF LIABILITY CONTRACT TORT OR OTHERWISE AND EVEN IF EATON OR THE AFOREMENTIONED PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES TO THE EXTENT PERMITTED BY LAW IN NO EVENT WIL...

Страница 30: ...916 928 1227 or 800 326 2297 via TTY device Registration To use the Product Software Authorized Party must have a valid account with a username and password Credentials Authorized Party is responsible for maintaining the confidentiality of Authorized Party s username and passwords and for ensuring that each password is only used by employees granted access to the Product Software on the Authorized...

Страница 31: ...he internet or otherwise without the express written consent of Eaton The Authorized Party acknowledges that the Authorized Party has no right title or interest in or to the Product Software and or any Eaton Content EATON and MTL947x are trade names and or marks owned exclusively by Eaton The Authorized Party shall not use any trade names or marks that are confusingly similar in Eaton s sole opini...

Страница 32: ... the Software is a commercial item as that term is defined at 48 C F R 2 101 consisting of commercial computer software and commercial computer software documentation as such terms are used in 48 C F R 12 212 and is provided to the U S Government only as a commercial end item Consistent with 48 C F R 12 212 and 48 C F R 227 7202 1 through 227 7202 4 all U S Government End Users acquire the Softwar...

Страница 33: ... this Agreement should be directed to Eaton at Eaton Attn IP Law Group 1000 Eaton Boulevard Mail Code 4N Cleveland OH 44122 Eaton Attn Global Data Protection and Privacy Office 1000 Eaton Boulevard Cleveland OH 44122 Email dataprotection eaton com ...

Страница 34: ... to complement customers existing cybersecurity programs Eaton is committed to minimizing the cybersecurity risk in its products and deploying cybersecurity best practices in its products and solutions making them more secure reliable and competitive for customers The following Eaton whitepapers are available for more information on general cybersecurity best practices and guidelines Cybersecurity...

Страница 35: ...ally Physical Security An attacker with unauthorized physical access can cause serious disruption to device functionality Additionally Industrial Control Protocols don t offer cryptographic protections making ICS and SCADA communications especially vulnerable to threats to their confidentiality Physical security is an important layer of defence in such cases The 9476 Gigabit Switch is designed to ...

Страница 36: ...t SNMP access using access control lists Disable unneeded ports services Account Management Logical access to the system device should be restricted to legitimate users who should be assigned only the privileges necessary to complete their job roles functions Some of the following best practices may need to be implemented by incorporating them into the organization s written policies Ensure defaul...

Страница 37: ...nt This capability can present risks if it s not configured securely Following are Eaton recommended best practices to help secure the network Additional information about various network protection strategies is available in Eaton Cybersecurity Considerations for Electrical Distribution Systems R1 Eaton recommends segmentation of networks into logical enclaves denying traffic between segments exc...

Страница 38: ...y of review should be reasonable taking into account the sensitivity and criticality of the system device and any data it processes Vulnerability Scanning Any known critical or high severity vulnerabilities on third party component libraries used to run software applications should be remediated before putting the device system into production Eaton recommends running a vulnerability scan to ident...

Страница 39: ...corporatingThe 9476 Gigabit Switch into the organization s business continuity and disaster recovery plans Organizations should establish a Business Continuity Plan and a Disaster Recovery Plan and should periodically review and where possible exercise these plans As part of the plan important system device data should be backed up and securely stored including Updated firmware for The 9476 Gigabi...

Страница 40: ... Boards and Devices Eaton recommends the following methods for disposing of motherboards peripheral cards such as network adapters or any other adapter containing non volatile flash memory Clear If supported by the device reset the state to original factory settings Purge If the flash memory can be easily identified and removed from the board the flash memory may be destroyed independently of the ...

Страница 41: ...lic powersystems resources library 1100_EAS WP910003EN pdf R3 NIST SP 800 82 Rev 2 Guide to Industrial Control Systems ICS Security May 2015 https ics cert us cert gov Standards and References R4 National Institute of Technology NIST Interagency Guidelines on Firewalls and Firewall Policy NIST special Publication 800 41 October 2009 http nvlpubs nist gov nistpubs Legacy SP nistspecialpublication80...

Страница 42: ...38 INM 9476 ETG Rev 2 This page is left intentionally blank ...

Страница 43: ...f Old Mahabalipuram Road Sholinganallur Chennai 600 119 India Tel 91 0 44 24501660 24501857 Fax 91 0 44 24501463 E mail mtlindiasales eaton com ITALY MTL Italia srl Via San Bovio 3 20090 Segrate Milano Italy Tel 39 02 959501 Fax 39 02 95950759 E mail chmninfo eaton com JAPAN Cooper Industries Japan K K MT Building 3F 2 7 5 Shiba Diamon Minato ku Tokyo Japan 102 0012 Tel 81 0 3 6430 3128 Fax 81 0 3...

Результаты поиска

Содержание 9476-ET

Отзывы:

Похожие инструкции для 9476-ET

Бренды по названию

Популярные бренды

Eaton 9476-ET, Инструкция по эксплуатации

Результаты поиска

Содержание 9476-ET

Отзывы:

Похожие инструкции для 9476-ET

Бренды по названию

Популярные бренды