Security recommendations
SCALANCE W1750D CLI
Function Manual, 03/2019, C79000-G8976-C452-04
17
Secure/non-secure protocols
●
Avoid and disable non-secure protocols, for example Telnet and TFTP. For historical
reasons, these protocols are still available, however not intended for secure applications.
Use non-secure protocols on the device with caution.
●
The following protocols provide secure alternatives:
–
SNMPv1/v2 → SNMPv3
Check whether use of SNMPv1 is necessary. SNMPv1 is classified as non-secure.
Use the option of preventing write access. The product provides you with suitable
setting options. If SNMP is enabled, change the community names. If no unrestricted
access is necessary, restrict access with SNMP. Use SNMPv3 in conjunction with
passwords.
–
HTTP → HTTPS
–
Telnet → SSH
–
SNTP → NTP
–
Use secure protocols when access to the device is not prevented by physical
protection measures.
●
To prevent unauthorized access to the device or network, take suitable protective
measures against non-secure protocols.
●
If you require non-secure protocols and services, operate the device only within a
protected network area.
●
Restrict the services and protocols available to the outside to a minimum.
Available protocols per port
The following list provides you with an overview of the open ports on this device. The table
includes the following columns:
●
Protocol
All protocols that the device supports
●
Port number
Port number assigned to the protocol
●
Port status
–
Open: The port is always open and cannot be closed.
●
Factory setting
–
Open: The factory setting of the port is "Open".
–
Closed: The factory setting of the port is "Closed".
●
Authentication
Specifies whether or not the protocol is authenticated.