Siemens SCALANCE XRH-300

To Next Page

To Previous Page

• Make sure the latest 󹪝rmware version is installed, including all security-related patches.

For the latest information on security patches for Siemens products, visit the Industrial

Security (https://www.siemens.com/industrialsecurity) website or the ProductCert Security

Advisories (https://www.siemens.com/cert/en/cert-security-advisories.htm) website.

Updates to the Siemens Product Security Advisories can be obtained by subscribing to the RSS

feed on the Siemens ProductCERT Security Advisories website, or by following @ProductCert

on Twitter.

• Only enable services that will be used on the device, including physical ports. Unused

physical ports could potentially be used to gain access to the network behind the device.

• For optimal security, use the authentication and encryption mechanisms in SNMPv3

whenever possible, and apply strong passwords.

• Con󹪝guration 󹪝les can be downloaded from the device. Make sure con󹪝guration 󹪝les are

properly protected. For instance, digitally sign and encrypt the 󹪝les, store them in a secure

place, and only transfer con󹪝guration 󹪝les via secure communication channels.

Con󹪝guration 󹪝les can be password-protected when downloaded. For information about

protecting a con󹪝guration 󹪝le with a password, refer to "Supplementary documentation

(Page 8)".

• When using SNMP (Simple Network Management Protocol):

– Con󹪝gure SNMP to raise a trap upon authentication failures.

For more information, refer to "Supplementary documentation (Page 8)".

– Make sure the default community strings are changed to unique values.

– Use SNMPv3 whenever possible. SNMPv1 and SNMPv2c are considered non-secure and

should only be used when necessary.

– Whenever possible, prevent write access.

3.2 Available services

The following is a list of all available protocols or services and their ports through which the

device can be accessed, including the following information:

• Service

The service supported by the device.

• Protocol

The protocol used by the service.

• Port number

The port number assigned to the service.

• Default status

The default state of the service (i.e. Open, Closed, Active)

• Con󹪝gurable service

Speci󹪝es whether or not the service can be con󹪝gured.

• Con󹪝gurable port number

Speci󹪝es whether the port number is con󹪝gurable.

Security recommendations

3.2 Available services

SCALANCE XRH-300/XRM-300

18 Equipment Manual, 10/2022, C79000-G8976-C546-01

Related product manuals