User Manual

5
Checklist
Cyber Security Concepts - How to Secure the System
Siemens Application Note
Smart Infrastructure
Predefined Security Zones
These are the predefined security zones and their intended purposes:
WirelessZone - Networks that can be accessed by users and applications with a wireless connection.
ExternalZone - Networks that are not secure, such as the Internet and other external networks.
DMZZone - A DMZ (demilitarized zone) is sometimes referred to as a perimeter network. It contains company servers that can be accessed from external sources. A DMZ lets external users and applications access specific internal servers but prevents external users from accessing secure company networks. Add rules to the firewall Rule Base that allow traffic to the company DMZ: for example, a rule that allows HTTP and HTTPS traffic to your web server in the DMZ.
InternalZone - Company networks with sensitive data that must be protected and used only by authenticated users.
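The zone model above can be checked against a rule base before it is deployed. The following is an added example, not taken from the Siemens note or from any firewall product: the subnets, addresses, rule names and the first-match evaluation order are constructed assumptions; only the zone names and the HTTP/HTTPS-to-DMZ rule come from the text.

```python
import ipaddress

# Zone names are from the text; the subnets are constructed sample values.
ZONES = {
    "InternalZone": ipaddress.ip_network("10.0.0.0/16"),
    "WirelessZone": ipaddress.ip_network("10.1.0.0/16"),
    "DMZZone": ipaddress.ip_network("192.168.50.0/24"),
}
WEB_SERVER = "192.168.50.10"  # constructed address of the DMZ web server

# (name, src_zone, dst_zone, dst_host or None=any, ports or None=any, action)
RULES = [
    ("web-to-dmz", "ExternalZone", "DMZZone", WEB_SERVER, {80, 443}, "allow"),
    ("legacy-any", "ExternalZone", "InternalZone", None, None, "allow"),  # bad on purpose
    ("cleanup", "*", "*", None, None, "drop"),
]

def zone_of(addr):
    """Map an address to its zone; anything unknown is treated as external."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "ExternalZone"

def decide(rules, src, dst, port):
    """First-match evaluation (assumed order); returns (action, rule_name)."""
    sz, dz = zone_of(src), zone_of(dst)
    for name, rs, rd, host, ports, action in rules:
        if rs not in ("*", sz) or rd not in ("*", dz):
            continue
        if host is not None and host != dst:
            continue
        if ports is not None and port not in ports:
            continue
        return action, name
    return "drop", "implicit"

def audit(rules):
    """Flag allow rules that contradict the zone purposes described above."""
    findings = []
    for name, rs, rd, host, ports, action in rules:
        if action != "allow" or rs not in ("ExternalZone", "*"):
            continue
        if rd in ("InternalZone", "*"):
            findings.append((name, "external traffic allowed into InternalZone"))
        elif rd == "DMZZone" and (host is None or ports is None):
            findings.append((name, "DMZ rule not limited to one server and service"))
    return findings
```

Running `audit(RULES)` reports only the `legacy-any` rule; the `web-to-dmz` rule passes because it names one server and two ports.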
Controls | Status
Implement physical and environmental security controls |
Implement network separation |
Implement protective firewall rules |
Implement access control measures |
Implement operational security controls |
Implement user management controls |