SCALANCE W786C
Operating Instructions, 07/2019, A5E03692138-12
7
Security recommendations
2
To prevent unauthorized access, note the following security recommendations.
General
●
You should make regular checks to make sure that the device meets these
recommendations and/or other security guidelines.
●
Evaluate your plant as a whole in terms of security. Use a cell protection concept with
suitable products (
https://www.industry.siemens.com/topics/global/en/industrial-
●
When the internal and external network are disconnected, an attacker cannot access
internal data from the outside. Therefore operate the device only within a protected
network area.
●
For communication via non-secure networks use additional devices with VPN functionality
to encrypt and authenticate the communication.
●
Terminate management connections correctly (WBM. Telnet, SSH etc.).
Physical access
●
Restrict physical access to the device to qualified personnel.
●
The memory card or the PLUG (C-PLUG, KEY-PLUG, security PLUG) contains sensitive
data such as certificates, keys etc. that can be read out and modified.
Software (security functions)
●
Keep the firmware up to date. Check regularly for security updates of the product.
You will find information on this on the Internet pages "Industrial Security
https://www.siemens.com/industrialsecurity
)".
●
Inform yourself regularly about security advisories and bulletins published by Siemens
ProductCERT (
https://www.siemens.com/cert/en/cert-security-advisories.htm
●
Only activate protocols that you really require to use the device.
●
Use the security functions such as address translation with NAT (Network Address
Translation) or NAPT (Network Address Port Translation) to protect receiving ports from
access by third parties.
●
Restrict access to the device with a firewall or rules in an access control list (ACL -
Access Control List).
●
If RADIUS authentication is via remote access, make sure that the communication is
within the secured network area or is via a secure channel.
●
The option of VLAN structuring provides good protection against DoS attacks and
unauthorized access. Check whether this is practical or useful in your environment.
Содержание SIMATIC NET SCALANCE W786C Series
Страница 12: ...Security recommendations SCALANCE W786C 12 Operating Instructions 07 2019 A5E03692138 12 ...
Страница 68: ...Dimension drawing SCALANCE W786 SCALANCE W786C 68 Operating Instructions 07 2019 A5E03692138 12 ...
Страница 70: ...Approvals SCALANCE W786C 70 Operating Instructions 07 2019 A5E03692138 12 ...
Страница 72: ...Index SCALANCE W786C 72 Operating Instructions 07 2019 A5E03692138 12 ...