Table of contents
1
Introduction...................................................................................................................................................7
2
Safety instructions........................................................................................................................................9
2.1
Note on Safety Integrated......................................................................................................10
3
Industrial Security.......................................................................................................................................11
3.1
Security information...............................................................................................................11
3.2
What is industrial security?....................................................................................................11
3.3
3.3.1
3.4
Security management............................................................................................................16
4
General security measures.........................................................................................................................19
4.1
Plant security..........................................................................................................................20
4.1.1
Physical protection of critical production areas......................................................................20
4.2
Network security.....................................................................................................................21
4.2.1
Network segmentation...........................................................................................................21
4.2.1.1
Separation between production and office networks.............................................................21
4.2.1.2
4.3
System integrity......................................................................................................................26
4.3.1
System hardening..................................................................................................................26
4.3.1.1
Reduction of attack points......................................................................................................26
4.3.1.2
Virus scanner.........................................................................................................................28
4.3.2
Whitelisting.............................................................................................................................29
4.3.3
Patch management................................................................................................................29
5
5.1
Network security.....................................................................................................................31
5.2
Write protection and know-how protection.............................................................................31
5.2.1
Write protection......................................................................................................................32
5.2.2
Know-how protection..............................................................................................................34
5.2.2.1
Overview................................................................................................................................34
5.2.2.2
5.2.2.3
5.2.2.4
5.2.3
5.3
5.4
Using the memory card..........................................................................................................48
5.5
Communication services and used port numbers..................................................................49
5.6
Web server.............................................................................................................................52
5.6.1
Industrial Security
Configuration Manual, 08/2017, A5E36912609A
3