Schneider Electric ComX 210 User Manual

Com’X 210/510 Hardening Guide 7EN12-0328

Com’X 210/510 Hardening Guide

Introduction ...........................................................................................................2
Upgrade Firmware ................................................................................................3
Safety Precautions ...............................................................................................5
User management ................................................................................................5
Install a private SSL certificate ...........................................................................6
Disable enabling of Remote VPN access from cloud services .......................7
Port management .................................................................................................7
Set Secure Publication Transports .....................................................................8
Disable WiFi Access Point ............................................................................... 10
Apply Modbus TCP/IP Filtering ........................................................................ 11
Enable Warning Banner .................................................................................... 12
Com’X 210/510 Hardening Guide
DOCA0098EN
DOCA0098DE
DOCA0036EN
DOCA0036DE

Introduction

Your Schneider Electric product is equipped with security-enabling features. These features arrive in a default state and can be configured for your installation needs. Please note that disabling or modifying settings can impact the overall security robustness of the device and the security of your network.
This guide provides recommendations to better secure your Com’X device. Please use this guide in conjunction with the user manual for the step by step procedure details required for the configuration of specific features and settings.
NOTE: This guide is applicable for Com'X firmware version 6.5 and above.

Additional resources

Com'X 200/Com'X 210/Com'X 510 Instruction Sheet
Com'X 510 User Manual
Document References
5406AD002 5406AD005 5406AD006 5406AD007
DOCA0098FR DOCA0098ES
DOCA0098PT DOCA0098IT DOCA0098ZH DOCA0098RU
Page 2 © 2019 Schneider Electric. All rights reserved.
Com'X 210 User Manual
Com’X SSL Certificate Installation Guide
DOCA0036FR DOCA0036ES
DOCA0036PT DOCA0036IT DOCA0036ZH DOCA0036RU
7EN12-0327
Com’X 210/510 Hardening Guide

Access Com’X user manual

You can download the Com’X 210 and Com’X 510 user manual from the Schneider Electric website.
Com’X 510 User Manual
Com’X 210 User Manual
The user manual for Com’X 510 can also be accessed directly on the device.
1. Login to the Com’X.
2. Select Settings > Links > View Links.
3. Click the Com’X 510 User Manual - EN document local link to download the manual.

Upgrade Firmware

Products are hardened to increase security robustness. This is an ongoing process consisting of secure development practices, inclusion of security features and testing at our security test facilities. Keep your device firmware updated with the latest security updates.

Determine current firmware version

Locate the firmware version currently running on your Com’X.
1. Login to the Com’X.
2. Click About link located on the top right corner of the screen.
3. Determine Application version under Product Versions.
© 2019 Schneider Electric. All rights reserved. Page 3
Com’X 210/510 Hardening Guide

Upgrade to latest firmware version

1. Determine the latest Com’X firmware version available on se.com.
a. Com’X 510 firmware
b. Com’X 210 firmware
2. Download and unzip the firmware bundle if it is higher than the firmware version on your Com’X device.
3. Open the release notes contained in the unzipped bundle.
4. Update the firmware if the release notes indicate security updates. The firmware filename begins with upgrade-Com’X and has file extension .sp1.
NOTE: See Upgrade Firmware section in the User Manual.
Page 4 © 2019 Schneider Electric. All rights reserved.
Loading...
+ 8 hidden pages