SIMATIC Ident CB Gate
Operating Instructions, 08/2022, C79000-G8976-C671-01
7
Safety instructions
2
2.1
Security recommendations
To prevent unauthorized access, observe the following security recommendations when
working with the CB Gate.
General
• Check regularly that the devices comply with these recommendations and/or other
internal security policies.
• Evaluate your plant as a whole in terms of security. Use a cell protection concept with
suitable products.
• Do not connect the devices directly to the Internet. Operate the devices within a protected
network area.
Physical access
• Restrict physical access to the device.
• Make sure that only adequately qualified personnel have access to the device.
• Lock unused physical ports (e.g. Ethernet ports) on the device. Unused ports can be used
to access the system without authorization.
• The devices have "Low-level service access" that can only be enabled via additional
hardware interconnection. The access is used to enable Siemens personnel to perform
advanced examination for servicing. The access may only be used by qualified service
personnel. Any other use results in the loss of the warranty.
Software (security functions)
• Keep the software up to date. Keep yourself informed regularly about safety updates for
the product.
You can find additional information about this at the following link.
• Only enable protocols that you actually need to use the device. Note that, in the factory
setting, all protocols can be used. However, while the device has established a connection
via a protocol, all other protocols are disabled.
• Limit access to the device using an external device through a firewall or rules in an access
control list (ACL). The firewall and access list can only be configured via an external
device.