Siemens SIMATIC S7-300 Equipment Manual page 44

Configuration and operation
6.1 Security recommendations
Security functions of the product
Use the options for security settings in the configuration of the product. These includes
among others:
• Protection levels
Configure access to the CPU under "Protection".
• Leave access to the Web server of the CPU (CPU configuration) and to the Web server of
the CP disabled.
• Protection of the passwords for access to program blocks
Protect the passwords stored in data blocks for the program blocks from being viewed.
You will find information on the procedure in the STEP 7 information system under the
keyword "Know-how protection".
Passwords
• Define rules for the use of devices and assignment of passwords.
• Regularly update the passwords to increase security.
• Only use passwords with a high password strength. Avoid weak passwords for example
"password1", "123456789" or similar.
• Make sure that all passwords are protected and inaccessible to unauthorized personnel.
See also the preceding section for information on this.
• Do not use one password for different users and systems.
Protocols
Secure and non-secure protocols
• Only activate protocols that you require to use the system.
• Use secure protocols when access to the device is not prevented by physical protection
measures.
• Deactivate DHCP at interfaces to public networks such as the Internet, for example, to
prevent IP spoofing.
Table: Meaning of the column titles and entries
The following table provides you with an overview of the open ports on this device.
• Protocol / function
Protocols that the device supports.
• Port number (protocol)
Port number assigned to the protocol.
44
Equipment Manual, 01/2023, C79000−G8976−C198−09
CP 343-1 Lean