MA-025 – DGA 900 Operator Guide – Rev 2.0 12-Apr-19 Page 69 of 92
▪ On each GE product, change every supported password to something other than its
default value.
▪ Harden the configuration of each GE product, disabling unneeded features, protocols
and ports.
▪ Test / qualify the system.
▪ Create an update/maintenance plan.
A.2 Communication Requirements
Communication between different parts of a control system is, and must be, supported.
However, the security of a control system can be enhanced by limiting the protocols
allowed, and the paths across which they are allowed, to only what is needed. This can be
accomplished by disabling every communication protocol that isn’t needed on a particular
device, and by using appropriately configured and deployed network security devices (e.g.
firewalls, routers) to block every protocol (whether disabled or not) that doesn’t need to
pass from one network/segment to another.
GE recommends limiting the protocols allowed by the network infrastructure to the
minimum set required for the intended application. Successfully doing this requires
knowing which protocol is needed for each system-level interaction.
A.2.1 External Interfaces
The product features the following external interfaces as shown in Table A-1.
Table A-1: External Interfaces
To Next Page
Loading...
Need help?
General
