EasyManua.ls Logo

ABB Relion 670 series - Local User Account Management; User Authorization and Role Management

ABB Relion 670 series
114 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Section 3 Secure system setup
3.1 Physical interfaces
GUID-DA029F79-3173-4D17-A7B9-AA213FAC8F68 v1
T
o reduce exposure for cyber-attacks and thus comply with cyber security
requirements, it must be possible to prevent services in the IED from operating on
other physical interfaces than the ones specified by the vendor or by the owner.
3.2 Communication ports and services
GUID-A5E2256D-C7E2-4CAC-8EAD-E7DBBCB4AF08 v7
The port security guideline cannot suggest concrete products for a secure system
setup. This must be decided within the specific project, requirements and existing
infrastructure.
The ports used in the IED series to set up a firewall are given in table
1. The ports
are listed in ascending order. The column “Default state” defines whether a port is
open or closed by default. All ports that are closed can be opened as described in
the comment column in the table. Front refers to the physical front port. On the rear
side of the IED there are four network interfaces labeled 301, 302, 303 and 304.
If
there is an OEM02 module installed there are two additional optical network
interfaces on the rear side, they are labeled 3061 and 3062. The protocol
availability on these ports can be configured using the Ethernet configuration tool.
ABB recommends using common security measures, like firewalls, up to date anti
virus software, etc. to protect the IED and the equipment around it.
It is recommended to deactivate the Access points and protocols
that are not in use to increase cyber security.
Table 1: Available ports
Port Protocol Default
state
Front 301 302 303 304 3061 3062 Service Comment
21 TCP open OFF OFF OFF OFF OFF OFF OFF FTP File transfer protocol
21 TCP open ON ON ON ON ON OFF OFF FTPS Explicit FTP over TLS
102 TCP closed OFF OFF OFF OFF OFF OFF OFF IEC 61850
(MMS)
MMS communication
123 UDP closed OFF OFF OFF OFF OFF OFF OFF SNTP Enabled when IED is configured
as SNTP master.
Table continues on next page
1MRK 511 399-UEN B Section 3
Secure system setup
670 series 2.2 IEC 15
Cyber security deployment guideline

Table of Contents

Other manuals for ABB Relion 670 series

Preview: Technical Reference Manual
Technical Reference Manual1232 pages
Preview: Technical Manual
Technical Manual1432 pages
Preview: Applications Manual
Applications Manual944 pages
Preview: Operation Manual
Operation Manual100 pages
Preview: Product Guide
Product Guide184 pages
Preview: Installation Manual
Installation Manual112 pages
Preview: Engineering Manual
Engineering Manual176 pages
Preview: Commissioning Manual
Commissioning Manual330 pages
Preview: Installation And Commissioning Manual
Installation And Commissioning Manual260 pages
Preview: Communication Protocol Manual
Communication Protocol Manual66 pages
Preview: Application Guide
Application Guide110 pages
Preview: Quick Start Guide
Quick Start Guide48 pages

Related product manuals