User Manual
System Security
Installation/Commissioning
A6V11917731_en_b_41
2.2 Installation/Commissioning
2.2.1 Security Measures
Physical Security
● The Desigo CC server machine must be locked in a restricted access control
room.
● The Novigo/Cerberus PACE control unit must be installed in the same
protected room as Desigo CC or in a dedicated protected room.
● Desigo CC and the Novigo/Cerberus PACE control unit must be connected
through a dedicated Ethernet cable when Desigo CC and Novigo/Cerberus
PACE are installed in the same room.
● A network connection is allowed only through a tunneling VPN.
Network Protection
● A VPN must be used to protect the client/server communication by tunneling it.
● Desigo CC and its subsystems must be physically isolated (through a
dedicated network) from the customer’s network and the Internet. This also
includes RDP connections.
● The Novigo/Cerberus PACE control unit must be installed in a protected
cabinet and connected to Desigo CC through a dedicated network or a VPN.
Measures to be Observed
● The communication between the remote client and the PACE zone must be
encrypted.
● The PACE-specific requirements for communication must be respected.
● The communication channel must not be connected to external devices.
● The communication channel must allow PACE-related communication only.
VLAN Configuration Requirements
The owner of the network or the plant operators are responsible for creating a
secure VLAN configuration. The following requirements must be met:
● Only static VLANs must be used.
● Any connection to other VLANs, such as through monitoring, is not allowed.
● Standard segments such as VLAN1 must not be used.
● Unused ports must be disabled and assigned to an unused VLAN.
● The autotrunking function of the switch must be deactivated.
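The following is an added example, not part of the manual: a Python audit of a switch configuration against the VLAN requirements listed above. The Cisco IOS-style syntax, the unused VLAN 999, the reading of a `monitor session` as the prohibited monitoring connection, and the sample configuration are assumptions; the manual names no switch vendor, and the input is assumed to contain physical switch ports only.

```python
UNUSED_VLAN = "999"  # assumed "parking" VLAN; pick one that carries no traffic
# Constructed sample, Cisco IOS-style syntax (assumption: the manual names no vendor).
SAMPLE = """\
interface Gi0/1
 switchport mode access
 switchport access vlan 210
 switchport nonegotiate
interface Gi0/2
 switchport access vlan dynamic
interface Gi0/3
 switchport mode access
 switchport nonegotiate
interface Gi0/4
 switchport mode access
 switchport access vlan 999
 switchport nonegotiate
 shutdown
monitor session 1 source vlan 210
"""

def audit(config, unused_vlan=UNUSED_VLAN):
    """Return sorted (interface, finding) pairs for the five VLAN requirements."""
    findings, ports, name = [], {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            name = line.split()[1]
            ports[name] = []
        elif line.startswith(" ") and name:
            ports[name].append(line.strip())
        else:
            name = None
            if line.startswith("monitor session"):  # read here as a monitoring connection
                findings.append(("global", "monitoring session configured"))
    for port, cfg in ports.items():
        vlan = next((l.split()[-1] for l in cfg if l.startswith("switchport access vlan")), "1")
        if vlan == "dynamic":
            findings.append((port, "dynamic VLAN assignment"))
        elif vlan == "1":  # IOS default when no access VLAN is set
            findings.append((port, "uses VLAN 1"))
        if "switchport mode access" not in cfg or "switchport nonegotiate" not in cfg:
            findings.append((port, "autotrunking (DTP) not disabled"))
        if vlan == unused_vlan and "shutdown" not in cfg:
            findings.append((port, "port in unused VLAN is not shut down"))
        if "shutdown" in cfg and vlan != unused_vlan:
            findings.append((port, "disabled port not in unused VLAN"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The script cannot tell which active ports are actually unused; compare its output against the plant's port assignment list.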