Security
Recommendation
Rockwell has developed
architecture for security information. For more details, refer to
the following enterprise manuals available in literature library:
- SECURE-UM001 - Configure System Security Features (User Manual)
- SECURE-RM001 - System Security Design Guidelines (Reference Manual)
It is recommended that organizational security
requirements and policies for setting up and operating the system
are followed. Some recommendations are as follows:
- Configure HTTPS for secured and encrypted communication. Follow respective vendor current documentation for set up and verification.
- TLS must be enabled and setup (version 1.1 and above).
- Protect the private key for the TLS certificate.
- Follow your organization's guidelines for user management, user creation, access control etc.
- Set a complex password as per the company policy.
- Obtain a certificate from an approved CA as per your organization’s guidance and configure TLS on the platform. The key size of the certificate must be at least 2048 bits and must use the SHA-256, SHA-384, or SHA-512 algorithm for digital signatures.
- Non-administrative users should not be allowed to change the configuration.
- Configure firewalls and harden the infrastructure as recommended by the IT/security team in the environment.
Provide Feedback