User Manual
Cyber Security Concepts -
How to Secure the System
4
49
Siemens
Application Note
Smart Infrastructure
influencers, but they could be wrong for you. Microsoft may keep to a predictable
security patch release cycle, but most other vendors have unpredictable release
schedules.
NOTICE
End of Life IT Components
IT components have to be replaced as soon they pass their End of Life. EOL IT
does not meet today’s needs for Cyber Security.
Use a Test System
Siemens cannot guarantee that updating of
third-party components can be used
without consequences on the operation of the overall system. Depending on the
criticality of the system, we recommend establishing a release processes.
4.13 Hardening Guidelines for Desigo CC
Deployments
This section defines the minimal hardening measures that must be applied for each
of the reference deployments in order to comply with Desigo CC requirements, and
therefore meet Security Level 1 (SL1).
4.13.1 D1: Unsecured Desktop
IT Security Level 1 for Desigo CC cannot be achieved at this level of hardening.
Therefore, do not use without an express written waiver of responsibility by the
customer.
Measures or Description
Location of the physical server On desktop where access by uncontrolled persons is
possible
Physical/virtual server exclusivity Non-exclusive: a computer also used for normal office
tasks, including private surfing on the Internet
Physical server protective
measures
None
Server protective measures
(Software)
Standard antivirus and standard desktop firewall
configuration (auto allowance ON), maintained.
Server OS version and set up Off-the-shelf Windows installation
Client OS version and set up N/A
Client protective measures
(Software)
N/A
Connection for clients inside the
customer network
N/A
Connection for clients outside the
customer network (Remote
access)
N/A
Remote access Via remote desktop
Printers connectivity Yes