Siemens SIMATIC NET SCALANCE W774-1 Operating Instructions Manual page 15

• If non-secure protocols and services are required, ensure that the device is operated
in a protected network area.
• Check whether use of the following protocols and services is necessary:
– Non-authenticated and unencrypted ports
– LLDP
– Syslog
– DHCP options 66/67
– TFTP
– Telnet
– HTTP
– SNMP v1/2c
– Syslog
– SNTP
• The following protocols provide secure alternatives:
– SNMPv1/v2c → SNMPv3
– HTTP → HTTPS
– Telnet → SSH
– TFTP → SFTP
– Syslog Client → Syslog Client TLS
• Using a firewall, restrict the services and protocols available to the outside to a
minimum.
• For the DCP function, enable the "Read Only" mode after commissioning.
List of available services
The following is a list of all available services and their ports through which the device
can be accessed.
The table includes the following columns:
• Service
The services that the device supports
• Default port status
This is the status of the port in the delivery state (factory setting).
SCALANCE W774-1 / W734-1
Operating Instructions, 03/2022, C79000-G8976-C325-15
Check whether use of SNMPv1/v2c is necessary. SNMPv1/v2c is classified as
non-secure. Use the option of preventing write access. The product provides you
with suitable setting options.
If SNMP is enabled, change the community names. If no unrestricted access is
necessary, restrict access with SNMP.
Use SNMPv3 in conjunction with passwords.
Security recommendations
15