Table of Contents
Advertisement
Secure/non-secure protocols
● Avoid or disable non-secure protocols, for example Telnet and TFTP. For historical
reasons, these protocols are still available, however not intended for secure applications.
Use non-secure protocols on the device using a secure connection (e.g. SINEMA RC).
● Avoid or disable non-secure protocols. Check whether use of the following protocols is
necessary:
– Telnet
– HTTP
– Broadcast pings
– Non authenticated and unencrypted interfaces
– ICMP (redirect)
– LLDP
– Syslog
– DHCP Options 66/67
– SNTP
– NTP
– TFTP
– TIA Portal Cloud Connector
● The following protocols provide secure alternatives:
– SNMPv1/v2 → SNMPv3
– HTTP → HTTPS
– Telnet → SSH
– NTP → Secure NTP
– SNTP → Secure NTP
– TFTP → SFTP
– TIA Portal Cloud Connector using a secure connection.
● Use secure protocols when access to the device is not prevented by physical protection
measures.
SCALANCE M804PB
Operating Instructions, 07/2018, C79000-G8976-C496-01
Check whether use of SNMPv1 is necessary. SNMPv1 is classified as non-secure.
Use the option of preventing write access. The product provides you with suitable
setting options.
If SNMP is enabled, change the community names. If no unrestricted access is
necessary, restrict access with SNMP.
Use the "TIA Portal Cloud Connector" integrated in the product over a VPN solution
(e.g. SINEMA RC).
Configure the firewall settings of the SCALANCE M800/S615 (e.g. predefined IPv4
rules "Cloud Connector") to prevent unauthorized access of network devices to the
"TIA Portal Cloud Connector Server".
Security recommendations
11
Hide quick links:
Advertisement
Table of Contents
