References - Eaton Network-M2 User Manual

Cybersecurity recommended secure hardening guidelines
Deploy adequate network protection devices like Firewalls, Intrusion Detection / Protection devices,
Please find detailed information about various Network level protection strategies in Eaton Cybersecurity Considerations for
Electrical Distribution Systems [R1]. Use the below information for configuring the firewalls to allow needed access for Network
module to operate smoothly.
• Navigate to
Information>>>Specifications/Technical characteristics
to get the list of all ports and services running on the device.
• SNMP V1/SNMP V3 can be disabled or configured by navigating to
Instructions are available in the
5.2.2.5 Logging and Event Management
Best Practices
• Eaton recommends that all remote interactive sessions are encrypted, logged, and monitored including all administrative and
maintenance activities.
• Ensure that logs are backed up, retain the backups for a minimum of 3 months or as per organization's security policy.
• Perform log review at a minimum every 15 days.
• Navigate to Information>>>List of events codes
5.2.2.6 Secure Maintenance
Best Practices
5.2.2.6.1 Apply Firmware updates and patches regularly
Due to increasing Cyber Attacks on Industrial Control Systems, Eaton implements a comprehensive patch and update process for
its products. Users are encouraged to maintain a consistent process to promptly monitor for fresh firmware updates, implement
patching and updates as and when required or released.
• Navigate in the help to
Contextual help>>>Maintenance>>>Services
to get information on how to upgrade the Network Module.
• Eaton also has a robust vulnerability response process. In the event of any security vulnerability getting discovered in its
products, Eaton patches the vulnerability and releases information bulletin through its cybersecurity web site -
eaton.com/cybersecurity
Conduct regular Cybersecurity risk analyses of the organization /system.
Eaton has worked with third-party security firms to perform system audits, both as part of a specific customer's deployment and
within Eaton's own development cycle process. Eaton can provide guidance and support to your organization's effort to perform
regular cybersecurity audits or assessments.
5.2.2.6.2 Plan for Business Continuity / Cybersecurity Disaster Recovery
It's a Cybersecurity best practice for organizations to plan for Business continuity. Establish an OT Business Continuity plan,
periodically review and, where possible, exercise the established continuity plans. Make sure offsite backups include
• Backup of the latest f/w copy of Network module. Make it a part of SOP to update the backup copy as soon as the latest f/w
is updated on Network module.
• Backup of the most current configurations.
• Documentation of the most current User List.
• Save and store securely the current configurations of the device.

References

5.2.3
[R1] Cybersecurity Considerations for Electrical Distribution Systems (WP152002EN):
http://www.eaton.com/ecm/groups/public/@pub/@eaton/@corp/documents/content/pct_1603172.pdf
[R2] Cybersecurity Best Practices Checklist Reminder (WP910003EN):
http://www.cooperindustries.com/content/dam/public/powersystems/resources/library/1100_EAS/WP910003EN.pdf
Securing the Network Management Module – 200
Contextual help>>>Settings>>>SNMP.
to get log information and how to export it.
and patch through www.eaton.com/downloads.
Contextual help>>>Settings>>>SNMP.
http://