Contents
ii PACSystems PROFINET IO Devices Secure Deployment Guide GFK-2904D
Enforcement ...................................................................................................................................................... 16
4.3 Authentication ........................................................................................................................................ 17
Server Protocols ............................................................................................................................................... 17
Authentication Supported by the PROFINET Protocol...................................................................... 17
Plaintext Login ................................................................................................................................................... 17
Recommendations .......................................................................................................................................... 17
4.4 Password Management ......................................................................................................................... 19
Changing Passwords ....................................................................................................................................... 19
4.5 Confidentiality and Integrity ............................................................................................................... 20
Communication Protocols ............................................................................................................................ 20
Firmware Signatures ...................................................................................................................................... 20
Logging and Auditing ...................................................................................................................................... 20
Chapter 5 Configuration Hardening ...................................................................................................................... 21
5.1 Scanner ...................................................................................................................................................... 21
5.2 Genius Gateway ...................................................................................................................................... 22
Chapter 6 Network Architecture and Secure Deployment ............................................................................. 23
6.1 Reference Architecture ......................................................................................................................... 23
6.2 Remote Access and Demilitarized Zones ......................................................................................... 24
6.3 Access and Process Control Networks ............................................................................................. 24
6.4 Access and PROFINET Networks ........................................................................................................ 25
Chapter 7 Other Considerations ............................................................................................................................ 27
7.1 Patch Management ................................................................................................................................ 27
7.2 Real-time Communication .................................................................................................................... 27
7.3 Additional Guidance .............................................................................................................................. 27
Protocol-Specific Guidance .......................................................................................................................... 27
Government Agencies and Standards Organizations ....................................................................... 27
To Next Page
Loading...
