Siemens RUGGEDCOM RSG2200 User's Guide Page 14
- Page / 170
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Chapter 1
Introduction
RUGGEDCOM ROS
User Guide
2 Security Recommendations and Considerations
Section 1.2
Security Recommendations and Considerations
The following describes important security-related recommendations and suggestions that should be considered
before implementing the RMC30 on any network:
• Section 1.2.1, “Security Recommendations”
• Section 1.2.2, “Key Files”
Section 1.2.1
Security Recommendations
To prevent unauthorized access to the device, note the following security recommendations:
• Do not connect the device to the Internet. Deploy the device only within a secure network perimeter.
• Replace the default passwords for all user accounts and processes (where applicable) before the device is
deployed.
• Use strong passwords. Avoid weak passwords such as password1, 123456789, abcdefgh, etc. For more
information about creating strong passwords, refer to the password requirements in Section 4.3, “Configuring
Passwords”.
• Make sure passwords are protected and not shared with unauthorized personnel.
• Passwords should not be re-used across different usernames and systems, or after they expire.
• When RADIUS authentication is done remotely, make sure all communications are within the security perimeter
or on a secure channel.
• SSL and SSH keys are accessible to users who connect to the device via the serial console. Make sure to take
appropriate precautions when shipping the device beyond the boundaries of the trusted environment:
▪ Replace the SSH and SSL keys with throwaway keys prior to shipping.
▪ Take the existing SSH and SSL keys out of service. When the device returns, create and program new keys
for the device.
• Restrict physical access to the device to only trusted personnel. A person with malicious intent could extract
critical information, such as certificates, keys, etc. (user passwords are protected by hash codes), or reprogram
the device.
• Control access to the serial console to the same degree as any physical access to the device. Access to the
serial console allows for potential access to the ROS boot loader, which includes tools that may be used to gain
complete access to the device.
• Only enable services that will be used on the device, including physical ports. Unused physical ports could
potentially be used to gain access to the network behind the device.
• If SNMP is enabled, limit the number of IP addresses that can connect to the device and change the
community names. Also configure SNMP to raise a trap upon authentication failures. For more information,
refer to Section 5.2, “Managing SNMP”.
• Avoid using insecure services such as Telnet and TFTP, or disable them completely if possible. These services
are available for historical reasons and are disabled by default.
• Limit the number of simultaneous Web Server, Telnet and SSH sessions allowed.
• Configure remote system logging to forward all logs to a central location. For more information, refer to
Section 3.6, “Managing Logs”.
- RC1105-EN-02 1
- Table of Contents 3
- Chapter 2 4
- Chapter 3 4
- Chapter 6 7
- Conventions 9
- Related Documents 10
- System Requirements 10
- Accessing Documentation 11
- Training 11
- Customer Support 11
- Customer Support xii 12
- Introduction 13
- Security Recommendations 14
- Key Files 15
- SSL Certificates 16
- SSH Key Pairs 17
- Available Services by Port 18
- Available Services by Port 7 19
- 8 Available Services by Port 20
- Supported Standard MIBs 21
- Supported Agent Capabilities 22
- SNMP Traps 23
- ModBus Management Support 24
- ModBus Function Codes 25
- ModBus Memory Map 26
- Ethernet Port Status 27
- Ethernet Statistics 27
- 16 ModBus Memory Map 28
- ModBus Memory Map 17 29
- Serial Statistics 30
- ModBus Memory Formats 31
- Reading Data Using PortCmd 32
- PSStatusCmd 33
- TruthValues 34
- Considerations” 36
- Using ROS 37
- Connecting via the Network 38
- Logging In 39
- Logging Out 40
- Using the Web Interface 40
- Using the Web Interface 29 41
- Using the Console Interface 42
- Available CLI Commands 44
- 34 Available CLI Commands 46
- Tracing Events 47
- Using SQL Commands 48
- Finding the Correct Table 49
- Retrieving Information 49
- 38 Retrieving Information 50
- Changing Values in a Table 51
- Resetting a Table 51
- Using RSH and SQL 51
- Selecting Ports in ROS 52
- Viewing Flash File Details 53
- Accessing BIST Mode 54
- Device Management 55
- Viewing CPU Diagnostics 57
- Restoring Factory Defaults 58
- Configuring an IP Interface 59
- Uploading/Downloading Files 59
- Section 3.5.1 60
- Managing Logs 63
- Clearing Local Logs 64
- Managing Remote Logging 65
- Adding a Remote Syslog Server 66
- Managing IP Gateways 69
- Configuring IP Services 71
- 60 Configuring IP Services 72
- Figure 25: IP Services Form 72
- Managing Remote Monitoring 73
- Managing RMON Alarms 76
- Viewing a List of RMON Alarms 77
- Adding an RMON Alarm 78
- Adding an RMON Alarm 67 79
- Deleting an RMON Alarm 80
- Managing RMON Events 81
- Viewing a List of RMON Events 82
- Adding an RMON Event 82
- Deleting an RMON Event 84
- Upgrading Firmware 85
- Downgrading Firmware 85
- Resetting the Device 86
- Decommissioning the Device 87
- Decommissioning the Device 76 88
- System Administration 89
- Customizing the Login Screen 90
- Configuring Passwords 90
- Alarms” 92
- Managing Alarms 93
- Figure 45: Alarms Table 94
- Section 4.4.2 94
- Configuring an Alarm 95
- 84 Configuring an Alarm 96
- Figure 48: Alarms Table 96
- Weak Password Configured 98
- Default Keys In Use 99
- Login and Logout Information 99
- RADIUS Server Unreachable 99
- TACACS+ Server Unreachable 99
- TACACS+ Response Invalid 100
- SNMP Authentication Failure 100
- Port Security Violated 100
- Configuring Data Encryption 101
- CAUTION! 102
- IMPORTANT! 103
- Configuring the RADIUS Server 104
- Configuring the RADIUS Client 104
- RUGGEDCOM ROS 105
- Chapter 4 105
- Configuring TACACS+ 106
- Configuring User Priviliges 107
- Setup and Configuration 109
- Configuring NTP 110
- 4. Click Apply 111
- Managing SNMP 112
- Viewing a List of SNMP Users 113
- Adding an SNMP User 113
- 1. InsertRecord 114
- User Guide 115
- Adding an SNMP User 103 115
- Deleting an SNMP User 116
- Chapter 5 117
- Managing SNMP Groups 119
- Viewing a List of SNMP Groups 120
- Adding an SNMP Group 120
- Managing Network Discovery 122
- Managing Serial Protocols 123
- Encapsulation Concepts 125
- RTU Polling 126
- Broadcast RTU Polling 127
- Preemptive Raw Socket 128
- Port Redirectors 129
- Modbus Concepts 130
- Section 5.4.2.2 131
- Turnaround Delay 133
- The Concept of Links 134
- Address Learning for TIN 134
- Address Learning for DNP 135
- Broadcast Messages 136
- Transport Protocols 136
- Section 5.4.4 137
- Configuring a Serial Port 138
- 16. Reload Button 139
- 14. Reload Button 141
- Parameter Description 141
- Section 5.4.7 143
- 14. Reload Button 144
- Section 5.4.8 145
- Figure 90: Modbus Server Form 146
- Section 5.4.9 146
- Figure 91: Modbus Client Form 147
- Section 5.4.10 147
- Figure 92: WIN and TIN Form 148
- Configuring the DNP Protocol 150
- Section 5.4.14 153
- Figure 98: Mirrored Bits Form 154
- Section 5.4.15 155
- Section 5.4.16 157
- Section 5.4.16.1 157
- Adding a Remote Host 158
- Deleting a Remote Host 159
- Managing Device Addresses 160
- Adding a Device Address 161
- Deleting a Device Address 162
- 3. Click Delete 163
- Statistics table appears 164
- Section 5.4.20 165
- Resetting Serial Ports 167
- Resetting Serial Ports 156 168
- Troubleshooting 169
- General 158 170
Related products and manuals for Networking Siemens RUGGEDCOM RSG2200
Networking Siemens TC35 Terminal Specifications
(439 pages)
(439 pages)
Networking Siemens SPC3 Specifications
(4 pages)
(4 pages)
Networking Siemens SANTIS-ab User Manual
(28 pages)
(28 pages)
Networking Siemens 505-2571 Specifications
(68 pages)
(68 pages)
Networking Siemens DTU3005-B Operator's Manual
(141 pages)
(141 pages)
Networking Siemens MC35 Specifications
(42 pages)
(42 pages)
Networking Siemens TC35 Terminal Specifications
(204 pages)
(204 pages)
Networking Siemens TC35 Terminal Specifications
(278 pages)
(278 pages)
Networking Siemens RS-485 Service Manual
(92 pages)
(92 pages)
Networking Siemens gigaset SE551 User Manual
(183 pages)
(183 pages)
© 2020, manymanuals.com. All rights reserved. | 1.968 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals