Denial Of Service (Dos) Threshold Rates; Security Guidelines; Table 6-5: Denial Of Service (Dos) Threshold Rates; Table 6-6: Rmc Security Guidelines - ABB RMC-100 User Manual

Remote modular controller

IMPORTANT NOTE: TCP port numbers from 0 to 1023 are universally reserved for well-known
ports. Never use these port numbers.

6.3 Denial of Service (DOS) threshold rates

Protection of ports used for TCP/IP communication, such as Ethernet, is very important. Several
cybersecurity threats can make a device unavailable for connection.
If the ABB Totalflow device is under a Denial of Service (DOS) attack, it cannot grant connection
requests and stops responding. The following table lists the DOS threshold rate for each packet type.
The device stops responding at these thresholds.

Table 6-5: Denial of Service (DOS) threshold rates

| Packet type | Description |
|---|---|
| Ethernet | 5 Mbps (7440 packets/sec) |
| ARP | 2 Mbps (2976 packets/sec) |
| IP | 3 Mbps (4464 packets/sec) |
| ICMP | 4 Mbps (5952 packets/sec) |
| UDP | 3 Mbps (4464 packets/sec) |
| TCP | 1 Mbps (1488 packets/sec) |

6.4 Security guidelines

The following table contains recommended guidelines to secure access to the RMC. Find procedures
for secure configuration throughout this manual, and in quick start guides and online PCCU help files.

Table 6-6: RMC security guidelines

| Recommendation | Description |
|---|---|
| Secure physical access to the device | Control access to the device, its internal components, and connected peripherals. |
| Secure access with security switch | Turn the onboard security switch on to enforce authentication through bi-level security codes or RBAC. See section 6.5. |
| Configure bi-level security codes | Change default security codes to private codes (the default security code for both level 1 and level 2 is 0000). See section 6.5. |
| Enable Role-Based Access Control (RBAC) | Configure RBAC. See section 6.6. Enable role-based access and enable authentication for each of the communication ports. Change the default RBAC passwords and security codes. |
| Secure network connection | The device only connects to a firewall-protected private network. Do not connect to the Internet. |
| Secure Bluetooth® access | Enable Bluetooth only when required. Enable RBAC authentication on the port. See section 6.6. |
| Secure SSH/SFTP access | Enable the SSH/SFTP service only when required. Change the default SSH/SFTP private keys for all accounts. The SSH/SFTP private keys should always be passphrase-protected. See section 6.7. |
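
Added example (not from the ABB manual): a Python check that compares per-type packet rates observed on the firewall-protected segment in front of the device with the Table 6-5 thresholds, so an upstream monitor can alert before the device stops responding. The layer-counting rule, the 50% alert fraction and the sample traffic are assumptions; `min_frame_pps` shows that the table's packets/sec figures match minimum-size Ethernet frames at the stated Mbps.

```python
from collections import deque

# Table 6-5 thresholds in packets/sec (the device stops responding at these rates).
THRESHOLD_PPS = {"Ethernet": 7440, "ARP": 2976, "IP": 4464,
                 "ICMP": 5952, "UDP": 4464, "TCP": 1488}
# Assumption (not in the manual): a packet counts toward every layer it carries.
LAYERS = {"ARP": ("ARP", "Ethernet"), "ICMP": ("ICMP", "IP", "Ethernet"),
          "UDP": ("UDP", "IP", "Ethernet"), "TCP": ("TCP", "IP", "Ethernet")}


def min_frame_pps(mbps):
    """Packets/sec at `mbps` for minimum-size Ethernet frames."""
    # 64-byte frame + 8-byte preamble + 12-byte inter-frame gap = 84 bytes on the wire
    return int(mbps * 1_000_000 // (84 * 8))


def peak_rate(timestamps, window=1.0):
    """Largest number of packets seen in any sliding `window`-second interval."""
    recent, peak = deque(), 0
    for ts in sorted(timestamps):
        recent.append(ts)
        while ts - recent[0] >= window:
            recent.popleft()
        peak = max(peak, len(recent))
    return peak


def check_rates(packets, fraction=0.5):
    """packets: (timestamp_seconds, protocol) pairs observed toward the device.
    `fraction` of the threshold triggers ALERT (0.5 is an assumed default)."""
    stamps = {}
    for ts, proto in packets:
        for layer in LAYERS[proto]:
            stamps.setdefault(layer, []).append(ts)
    report = {}
    for layer, seen in stamps.items():
        peak, limit = peak_rate(seen), THRESHOLD_PPS[layer]
        status = ("AT_THRESHOLD" if peak >= limit
                  else "ALERT" if peak >= limit * fraction else "OK")
        report[layer] = (peak, limit, status)
    return report


# Constructed sample: one second of evenly spaced packets per protocol.
SAMPLE = ([(i / 900, "TCP") for i in range(900)]
          + [(i / 100, "ICMP") for i in range(100)]
          + [(i / 3000, "ARP") for i in range(3000)])

if __name__ == "__main__":
    for layer, (peak, limit, status) in sorted(check_rates(SAMPLE).items()):
        print(f"{layer:8s} peak={peak:5d} pps  threshold={limit} pps  {status}")
```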
2105552MNAE | RMC-100 | 101
