Table of Contents
Advertisement
Security
3
Security
3.1
General guidelines
}
Please refer to the chapter
for connecting a network to the internet.
}
Perform a risk analysis and plan the security measures carefully. If necessary, seek ad-
vice from Pilz Customer Support.
}
Please note that the product forwards ICMP Echo Request and Response packages
(ping) and ARP requests and responses between the unprotected and the protected net-
work, independent of the configuration. However, the device limits the number of pack-
ages to make flooding attacks more difficult.
}
Please report any security problems of the SecurityBridge to the following E-mail ad-
dress: security@pilz.de
3.2
Defense in depth
Defense in depth is a security design concept. Several different security measures to pro-
tect from attacks are arranged in series and/or in layers. An attack is made difficult because
the attacker has to circumvent different security measures one after the other. This concept
can be illustrated as follows:
Production Network Firewall
Fig.: DefenseInDepth
The product PCOM sec br2 secures the devices in the protected network from network-
based attacks and/or unauthorised access via the network. The product is the last layer in
the Defense in depth concept. To efficiently implement the concept, the measures de-
scribed in the chapter
Operating Manual PCOM sec br2
1004534-EN-04
Company Firewall
SecurityBridge
Operating environment [
Operating environment [
10]
10]. The product is not designed
PNOZmulti
PSS 4000
must be noted.
| 9
Advertisement
Table of Contents
