Siemens SCALANCE XP-200 Operating Instructions Manual page 15

● Restrict the services and protocols available to the outside to a minimum.
● For the DCP function, enable the "DCP read-only" mode after commissioning.
Port security
● Use port security functions (IEEE 802.1X).
● Enable port authentication on the ports of end devices.
● Use the function "Locked Ports" to block ports for unknown nodes.
● Configure the ports, e.g. edge ports, receive ports, unused ports to block all unnecessary
protocols and services.
● Configure the receive ports so that they discard all untagged frames (Tagged Frames
Only).
Available protocols per port
The following list provides you with an overview of the open ports on this device. Keep this in
mind when configuring a firewall.
The table includes the following columns:
● Protocol
All protocols that the device supports
● Port number
Port number assigned to the protocol
● Port status
– Open
– Open (when configured)
● Default status of the port
– Open
– Closed
● Authentication
Specifies whether or not the protocol is authenticated during access.
SCALANCE XP-200
Operating Instructions, 05/2016, C79000-G8976-C428-01
The port is always open and cannot be closed.
The port is open if it has been configured.
Note
With some protocols the port may be open although the corresponding protocol is
disabled, for example TFTP.
As default the port is open.
As default the port is closed.
Safety notices
1.1 Security recommendations
15