Safety notices
1.1 Security recommendations
SCALANCE XP-200
Operating Instructions, 05/2016, C79000-G8976-C428-01
13
●
Restrict access to the device with a firewall or rules in an access control list (ACL -
Access Control List).
●
Restrict access to the management of the device with rules in an access control list
(ACL).
●
The option of VLAN structuring provides good protection against DoS attacks and
unauthorized access. Check whether this is practical or useful in your environment.
●
Enable logging functions. Use the central logging function to log changes and access
attempts centrally. Check the logging information regularly.
●
Configure a Syslog server to forward all logs to a central location.
Passwords
●
Define rules for the use of devices and assignment of passwords.
●
Regularly update passwords and keys to increase security.
●
Change all default passwords for users before you operate the device.
●
Only use passwords with a high password strength. Avoid weak passwords for example
password1, 123456789, abcdefgh.
●
Make sure that all passwords are protected and inaccessible to unauthorized personnel.
●
Do not use the same password for different users and systems or after it has expired.
Keys and certificates
This section deals with the security keys and certificates you require to set up SSL.
●
We strongly recommend that you create your own SSL certificates and make them
available.
There are preset certificates and keys on the device. The preset and automatically
created SSL certificates are self-signed. We recommend that you use SSL certificates
signed either by a reliable external or by an internal certification authority.
The device has an interface via which you can import the certificates and keys.
●
Use the certification authority including key revocation and management to sign the
certificates.
●
Handle user-defined private keys with great caution if you use user-defined SSH or SSL
keys.
●
Verify certificates and fingerprints on the server and client to avoid "man in the middle"
attacks.
●
We recommend that you use certificates with a key length of 2048 bits.
●
Change keys and certificates immediately, if there is a suspicion of compromise.
Содержание SCALANCE XP-200
Страница 8: ...Introduction SCALANCE XP 200 8 Operating Instructions 05 2016 C79000 G8976 C428 01 ...
Страница 50: ...Installation 3 5 Rack mounting SCALANCE XP 200 50 Operating Instructions 05 2016 C79000 G8976 C428 01 ...
Страница 66: ...Connecting up 4 7 Functional ground SCALANCE XP 200 66 Operating Instructions 05 2016 C79000 G8976 C428 01 ...
Страница 84: ...Dimension drawings SCALANCE XP 200 84 Operating Instructions 05 2016 C79000 G8976 C428 01 ...
Страница 92: ...Approvals SCALANCE XP 200 92 Operating Instructions 05 2016 C79000 G8976 C428 01 ...