Table of Contents
Advertisement
Security recommendations
To prevent unauthorized access, note the following security recommendations.
General
● You should make regular checks to make sure that the device meets these
recommendations and/or other security guidelines.
● Evaluate your plant as a whole in terms of security. Use a cell protection concept with
suitable products:
Link:
security/Pages/Default.aspx)
● When the internal and external network are disconnected, an attacker cannot access
internal data from the outside. Therefore operate the device only within a protected
network area.
● Operate the device only within a protected network area.
● Use VPN to encrypt and authenticate communication from and to the devices.
● For data transmission via a non-secure network use an encrypted VPN tunnel (IPsec,
Open VPN).
● Separate connections correctly (WBM. Telnet, SSH etc.).
Physical access
● Limit physical access to the device to qualified personnel.
The memory card or the PLUG (C-PLUG, KEY-PLUG) contains sensitive data such as
certificates, keys etc. that can be read out and modified.
● Lock unused physical ports on the device. Unused ports can be used to gain forbidden
access to the plant.
SCALANCE M812, M816
Operating Instructions, 08/2016, C79000-G8976-C343-04
(http://www.industry.siemens.com/topics/global/en/industrial-security/network-
1
9
Advertisement
Table of Contents
