1 Introduction - ABB Ability 800xA Series User Manual

Device management foundation fieldbus

Hide thumbs Also See for Ability 800xA Series:

Operation (332 pages)

User manual (189 pages)

Operations (36 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

page of 124

/ 124
Contents
Table of Contents
Bookmarks

Table of Contents

1 Introduction

A Defense in Depth strategy must be followed to ensure security. A Defense in Depth

strategy covers a broad spectrum of vulnerabilities including personnel, procedures,

system configurations, and physical security.

With respect to the LD 810HSE Ex, the following measures must be taken into account:

•

2PAA114135-610

The first step to address in establishing a secure deployment is to reduce the

surface area of vulnerability. This means removing unnecessary software,

disabling unused Windows services, and implementing a firewall to close unused

communication ports. These actions reduce the avenues of attack on each

individual machine.

The following communication ports of the Linking Device are in open/filtered state

and thus need to be protected at all time:

–

Port s0/UDP

–

Port 1027/UDP

–

Port 1028/UDP

In addition, Windows Group Policy allows for system wide security settings to

be managed by a redundant pair of domain controllers (if available, otherwise

Local Security Policies may be used). ABB has provided a detailing of the

standard group policies for a secure deployment of Operations and Engineering.

This includes both operational group policies recommended for all projects as

well as enhanced security group policies.

Furthermore, deployment of Account Management must follow the principle of

least privilege to ensure that limited rights are granted to users and services

appropriately.

It should be understood that maintaining a secure deployment over time requires

the implementation of a security patch program to address both operating system

and application vulnerabilities. ABB evaluates all security related patches released

by Microsoft, performs testing, and publishes the results to assure compatibility.

Only patches that have been approved should be installed.

Finally, to actively protect against malicious software, ABB recommends antivirus

software on all machines on the DCS network. Antivirus software identifies,

quarantines, and removes malicious software.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Ld 810hse ex

1 Introduction - ABB Ability 800xA Series User Manual

1 Introduction

Hide quick links:

Related Manuals for ABB Ability 800xA Series

Related Content for ABB Ability 800xA Series

This manual is also suitable for:

Table of Contents