Further Recommended Security Measures - Siemens SENTRON 7KN POWERCENTER 3000 Manual
Iot data platforms
Hide thumbs
Also See for SENTRON 7KN POWERCENTER 3000:
- Quick install manual (2 pages) ,
- Manual (148 pages) ,
- Manual (112 pages)
Table of Contents
Advertisement
Installing, connecting, commissioning
4.7 Security features
4.7.2
Further recommended security measures
The security disclaimer always applies, see chapter Security instructions (Page 10).
Nevertheless, 7KN Powercenter 3000 provides the most important security features for
operation in an intranet.
Moreover, the following measures are recommended against attacks from the Internet, with
special devices, such as Ethernet switches, or IP routers.
● Firewall: A firewall restricts data traffic in a network to what is strictly necessary. Data
traffic that is not required is filtered out. This substantially reduces vulnerability to attack.
A firewall must be configured for this. E.g. only the necessary ports are enabled (see
table in chapter Security features on the external Ethernet interface (Page 38)).
Depending on the quality and care in setup of the firewall, unknown / non-permitted
subnet, IP and MAC addresses can filtered out.
The firewall functions are typically located in a central router or Ethernet switch, e.g.
SCALANCE xxx.
7KN Powercenter 3000 already offers Firewall subfunctions (firewall whitelist). You will
find further information in section IP filter in chapter Security features on the external
Ethernet interface (Page 38).
● VPN: VPN is the abbreviation for "virtual private network" and refers to a logically self-
contained network. A VPN connects a few known network nodes via encrypted
communication via a larger, potentially insecure network, e.g. Internet. If the Web user
interface of the 7KN Powercenter 3000 can be accessed via the Internet, we urgently
recommend establishing a VPN connection between the Web client (device on which the
Web browser is running) and the router.
● Physical access protection: Unauthorized accesses or manipulations of networks and
electronic devices are possible without leaving visible traces. For that reason, physical
access protection for the installed 7KN Powercenter 3000 is necessary. The
7KN Powercenter 3000 should also be protected from unauthorized access when it is not
installed because the device could be manipulated without leaving visible traces. E.g.
services could be activated at the external interface to be misused later.
40
7KN POWERCENTER 3000
Manual, 10/2019, L1V30579222003-01
Hide quick links:
Advertisement
Table of Contents
