User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

Cyber Security Concepts -

How to Secure the System

Cyber Security Concepts

Siemens Application Note

Smart Infrastructure

IT skills of users Low

IT skills of system administrators Low

IT skills of network administrators Low

IT skills of the installer (BT or

VAP)

Low

Field devices connectivity Directly on the customer network

Connection to other services (for

example, OPC servers and

clients)

Directly on the customer network

Client Windows login Administrative auto-logon

Desigo CC users Desigo CC authentication

Desigo CC client options Any client option

4.13.2 D2: Stand-alone Desktop Application

Applicability

Location of the physical server On the desktop of one of the users in a controlled

office environment (not in a publicly accessible

area).

Physical/virtual server exclusivity Non-exclusive: a computer also used for regular

office tasks.

Topic Required Hardening

Physical server protective measures Unplug and theft protection.

Server protective measures

(Software)

Disable interfaces with memory access (FireWire,

USB 3.1).

Encrypt the hard disk.

Continuously maintained and strong antivirus

protection.

Continuously maintained desktop firewalls.

Firewalls rules not on auto allowance, UPS needed.

Server OS version and set up Secure Windows OS installation.

Set up and maintain Windows OS security.

Keep Windows OS continuously updated by

security patches.

Enforce strong password policy.

Restrict access to users and to Desigo CC

applications.

Client OS version and set up N/A

Client protective measures

(Software)

N/A

Connection for clients inside the

customer network

N/A

Connection for clients outside the

customer network (Remote access)

N/A