Denial Of Service (Dos) Threshold Rates; Security Guidelines - ABB XIO-08 User Manual

8.3

Denial of service (DOS) threshold rates

Protection of ports used for TCP/IP communication, such as Ethernet, is very important. Cybersecurity
threats can make a device unavailable for connection.
If the Totalflow device has a Denial of Service (DOS) attack, the device cannot grant requests for
connection. It stops responding. The following table provides the DOS threshold rates per packet type.
The device stops responding at these thresholds.
Table 8-5: Denial of Service (DOS) threshold rates
Packet type
Ethernet
ARP
IP
ICMP
UDP
TCP
8.4

Security guidelines

The following table contains recommended guidelines to secure access to the XIO. Find procedures for
secure configuration throughout this manual, in Quick Start Guides, and in online PCCU help files.
Table 8-6: XIO security guidelines
Recommendation
Secure physical acces
to the device
Secure access with
security switch
Configure bi-level
security codes
Enable Role-Based
Access Control (RBAC
Secure network
connection
Secure Bluetooth ®
access
120 | XIO USER MANUAL | 2106424MNAA
Description
9 Mbps (13393 packets/sec)
9 Mbps (13393 packets/sec)
9 Mbps (13393 packets/sec)
27 Mbps (40179 packets/sec)
10 Mbps (14881 packets/sec)
10 Mbps (14881 packets/sec)
Description
Control access to the device, internal components, and connected peripherals.
Turn the onboard security switch on to enforce authentication through bi-level security
codes or RBAC.
See section 8.5.
Change default security codes to private codes (the default security code for both level
and level 2 is 0000).
See section 8.5.
Configure RBAC.
See section 8.6.
Enable role-based access and enable authentication for each of the communication port
Change the default RBAC passwords and security codes.
The device only connects to a firewall-protected private network. Do not connect directl
to the Internet.
Enable Bluetooth only when required.
Enable RBAC authentication on the port.
See section 8.6.