PROFINET switch 4/8/16-port | Version 1 | 20.02.2020
10
2
Security recommendations
The PROFINET switches are network infrastructure components, and thus important elements in the
security considerations of a system or network. When using the PROFINET switches, therefore please
consider the following recommendations in order to prohibit unauthorized access to plants and
systems.
General:
•
Ensure at regular intervals that all relevant components fulfill these recommendations and
possibly any other internal security guidelines.
•
Evaluate your system holistically with a view to security. Use a cell protection concept with
corresponding products, such as the Helmholz “WALL IE”.
You can find extensive information, for example, in the “ICS Security
Compendium” of the Federal Office for Information Security (BSI):
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/ICS/
ICS-Security_kompendium_pdf.pdf
Physical access:
•
Limit physical access to components of relevance to security to qualified personnel.
Security of the software:
•
Always keep the firmware of all communications components up to date.
•
Inform yourself regularly of firmware updates for the product.
Information on this topic can be found in section 12.
•
Only activate protocols and functions you really need
Passwords:
•
Define rules for usage of the devices and the awarding of passwords.
•
Change standard passwords
•
Only use strong passwords. Avoid weak passwords like, for example, “password1”, “123456789”,
or similar.
•
Ensure that all passwords are protected and inaccessible to unauthorized personnel.
•
Don’t use one password for various users and systems.
