Security recommendations
SCALANCE WxM766
Operating Instructions, 03/2022, C79000-G8976-C617-03
15
Secure/ non-secure protocols
• Use secure protocols if access to the device is not prevented by physical protection
measures.
• Disable or restrict the use of non-secure protocols. While some protocols are secure
(e.g. HTTPS, SSH, 802.1X, etc.), others were not designed for the purpose of securing
applications (e.g. SNMPv1/v2c, RSTP, etc.).
Therefore, take appropriate security measures against non-secure protocols to
prevent unauthorized access to the device/network. Use non-secure protocols on the
device using a secure connection (e.g. SINEMA RC).
• If non-secure protocols and services are required, ensure that the device is operated
in a protected network area.
• Check whether use of the following protocols and services is necessary:
–
Non-authenticated and unencrypted ports
–
LLDP
–
Syslog
–
DHCP options 66/67
–
TFTP
–
Telnet
–
HTTP
–
SNMP v1/2c
–
Syslog
–
SNTP
• The following protocols provide secure alternatives:
–
SNMPv1/v2c
→
SNMPv3
Check whether use of SNMPv1/v2c is necessary. SNMPv1/v2c is classified as
non-secure. Use the option of preventing write access. The product provides you
with suitable setting options.
If SNMP is enabled, change the community names. If no unrestricted access is
necessary, restrict access with SNMP.
Use SNMPv3 in conjunction with passwords.
–
HTTP
→
HTTPS
–
Telnet
→
SSH
–
TFTP
→
SFTP
–
Syslog Client
→
Syslog Client TLS
• Using a firewall, restrict the services and protocols available to the outside to a
minimum.
• For the DCP function, enable the "Read Only" mode after commissioning.
Содержание SIMATIC NET 6GK5766-1GE00-3DA0
Страница 8: ...Introduction SCALANCE WxM766 8 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 10: ...Safety notices SCALANCE WxM766 10 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 64: ...Connection 6 7 Replacing a CLP SCALANCE WxM766 64 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 66: ...Maintenance and cleaning SCALANCE WxM766 66 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 74: ...Technical specifications SCALANCE WxM766 74 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 76: ...Dimension drawing SCALANCE WxM766 76 Operating Instructions 03 2022 C79000 G8976 C617 03 Side view ...
Страница 78: ...Dimension drawing SCALANCE WxM766 78 Operating Instructions 03 2022 C79000 G8976 C617 03 ...
Страница 80: ...Approvals SCALANCE WxM766 80 Operating Instructions 03 2022 C79000 G8976 C617 03 ...