Security recommendations
SCALANCE WxM766
14
Operating Instructions, 03/2022, C79000-G8976-C617-03
Initialization Vector Implementation Information Disclosure Vulnerability (for example,
BEAST).
• Ensure that the latest firmware version is installed, including all security-related
patches.
You can find the latest information on security patches for Siemens products at the
Industrial Security (
https://www.siemens.com/industrialsecurity
) or ProductCERT
Security Advisories (
https://www.siemens.com/cert/en/cert-security-advisories.htm
website.
For updates on Siemens product security advisories, subscribe to the RSS feed on the
ProductCERT Security Advisories website or follow @ProductCert on Twitter.
• Enable only those services that are used on the device, including physical ports. Free
physical ports can potentially be used to gain access to the network behind the
device.
• For optimal security, use SNMPv3 authentication and encryption mechanisms
whenever possible, and use strong passwords.
• Configuration files can be downloaded from the device. Ensure that configuration files
are adequately protected. The options for achieving this include digitally signing and
encrypting the files, storing them in a secure location, or transmitting configuration
files only through secure communication channels.
Configuration files can be password protected during download. You enter passwords
on the WBM page "System > Load & Save > Passwords".
• When using SNMP (Simple Network Management Protocol):
–
Configure SNMP to generate a notification when authentication errors occur.
For more information, see WBM "System > SNMP > Notifications".
–
Ensure that the default community strings are changed to unique values.
–
Use SNMPv3 whenever possible. SNMPv1 and SNMPv2c are considered non-
secure and should only be used when absolutely necessary.
–
If possible, prevent write access above all.
• Use the security functions such as address translation with NAT (Network Address
Translation) or NAPT (Network Address Port Translation) to protect receiving ports
from access by third parties.
• Use WPA2/ WPA2-PSK with AES to protect the WLAN. You can find additional
information in the configuration manual Web Based Management "Security menu".
Содержание SIMATIC NET 6GK5766-1GE00-3DA0
Страница 8: ...Introduction SCALANCE WxM766 8 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 10: ...Safety notices SCALANCE WxM766 10 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 64: ...Connection 6 7 Replacing a CLP SCALANCE WxM766 64 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 66: ...Maintenance and cleaning SCALANCE WxM766 66 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 74: ...Technical specifications SCALANCE WxM766 74 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 76: ...Dimension drawing SCALANCE WxM766 76 Operating Instructions 03 2022 C79000 G8976 C617 03 Side view ...
Страница 78: ...Dimension drawing SCALANCE WxM766 78 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 80: ...Approvals SCALANCE WxM766 80 Operating Instructions 03 2022 C79000 G8976 C617 03 ...