1. Manuals
  2. Brands
  3. Siemens Manuals
  4. Wireless Access Point
  5. SIMATIC NET SCALANCE W734-1
  6. Operating instructions manual

Siemens SIMATIC NET SCALANCE W734-1 Operating Instructions Manual page 8

Industrial wireless lan
Hide thumbs Also See for SIMATIC NET SCALANCE W734-1:
Table of Contents

Advertisement

Security recommendations
● Enable logging functions. Use the central logging function to log changes and access
attempts centrally. Check the logging information regularly.
● Configure a Syslog server to forward all logs to a central location.
● Use WPA2/ WPA2-PSK with AES to protect the WLAN. If iPCF or iPCF-MC is used, use
the AES encryption.
Passwords
● Define rules for the use of devices and assignment of passwords.
● Regularly update passwords and keys to increase security.
● Change all default passwords for users before you operate the device.
● Only use passwords with a high password strength. Avoid weak passwords for example
password1, 123456789, abcdefgh.
● Make sure that all passwords are protected and inaccessible to unauthorized personnel.
● Do not use the same password for different users and systems or after it has expired.
Keys and certificates
This section deals with the security keys and certificates you require to set up HTTPS
( HyperText Transfer Protocol Secured Socket Layer).
● We strongly recommend that you create your own HTTPS certificates and make them
available.
There are preset certificates and keys on the device. The preset and automatically created
HTTPS certificates are self-signed.
We recommend that you use HTTPS certificates signed either by a reliable external or by
an internal certification authority. The HTTPS certificate checks the identity of the device
and controls the encrypted data exchange. You can install the HTTPS certificate via the
WBM (System > Load and Save).
● Handle user-defined private keys with great caution if you use user-defined SSH or SSL
keys.
● Use the certification authority including key revocation and management to sign the
certificates.
● Verify certificates and fingerprints on the server and client to avoid "man in the middle"
attacks.
● We recommend that you use certificates with a key length of 2048 bits.
● Change keys and certificates immediately, if there is a suspicion of compromise.
Secure/non-secure protocols
● For the DCP function, enable the "DCP read-only" mode after commissioning.
● Avoid and disable non-secure protocols, for example Telnet and TFTP. For historical
reasons, these protocols are still available, however not intended for secure applications.
Use non-secure protocols on the device with caution.
8
SCALANCE W774-1 /W734-1
Operating Instructions, 09/2017, C79000-G8976-C325-09

Advertisement

Table of Contents
loading

Related Manuals for Siemens SIMATIC NET SCALANCE W734-1

Related Products for Siemens SIMATIC NET SCALANCE W734-1

This manual is also suitable for:

Simatic net scalance w774-1

Table of Contents