Manualshelf

User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation
51525354555657585960
4
Cyber Security Concepts -
How to Secure the System
Cyber Security Concepts
-
56
Siemens Application Note
Smart Infrastructure
Topic Required Hardening
Connection for clients outside the
customer network (Remote access)
Secured communication configured.
Segmented Network.
Network firewalls configured and continuously
maintained.
DMZ configured.
Remote access Via remote desktop and VPN.
Clients in Internet restricted to "need to know"
Printers connectivity Yes
IT skills of users Low
IT skills of system administrators High
IT skills of network administrators High
IT skills of the installer (BT or VAP) High
Field devices connectivity Via V-LAN and secure routing: customer is
responsible to securing it. The assumption is
that the customer’s IT secures field device
connectivity.
Connection to other services
(for example, OPC servers and clients)
Via V-LAN and secure routing: customer is
responsible to securing it. The assumption is
that the customer’s IT secures field device
connectivity.
Client Windows login Professionally secured KIOSK mode.
Desigo CC users Use IDM/Kerberos authentication.
Desigo CC client-options Use Windows App and Web Client only.