Table of Contents
Advertisement
3 Detailed checklist
3.14.3
Syslog
Menu path
You can find this information in the following paths:
•
With MSPS: "System > Syslog Client"
•
With X-300: "Agent > Agent Syslog"
Information
If a Syslog server is present on the network, the device can send all log entries to
the server. Consequently, there is a central location where all log entries can be
viewed directly.
The Syslog protocol transmits the data in unencrypted form. Syslog data traffic
should therefore not pass over any unsecured networks.
Recommendation
The MSPS devices now offer a secure alternative with TLS. Tick the "TLS"
checkbox in order to encrypt the communication with the Syslog server.
3.14.4
Limit key functions
Menu path
You can find this information in the following paths:
•
With MSPS: "System > Configuration of SELECT/SET-Button"
•
With X-200 and X-300: "System > Select/Set Button"
Recommendation
In this menu, you can disable the Reset function of the physical reset key on the
module housing. If available, you can also disable the switchover of the ring
functions.
3.14.5
Rate control
Menu path
You can find this information in the following paths:
•
With MSPS: "Layer 2 > Rate control"
•
With X-300: "Switch > Load Limits Rates"
Recommendation
If interfacing with external networks, you can use "Multicast / Broadcast Limits" to
throttle potentially troublesome traffic.
If possible, you should implement layer-3 isolation with a router.
Note
Note that limiting will cause essential protocols, such as ARP, to be discarded.
Select the throttling and its severity to suit the structure.
Checklist
Article ID: 109745536,
V2.0,
05/2022
27
Advertisement
Table of Contents
