Security Recommendations for Commissioning
Configuration of Security Services
Most EcoStruxure Panel Server services are disabled by default to reduce the attack surface and exposure to a minimum. Consequently, it is recommended to only enable the services that are strictly required for the EcoStruxure Panel Server operation.
Secure Communications with Wireless Devices
The control of wireless communications between the EcoStruxure Panel Server and wireless devices is enforced through a pairing mechanism. Only wireless devices that have been paired with the EcoStruxure Panel Server can join its wireless network.
In addition, the wireless communications are secured by cryptographic mechanisms supporting the integrity and confidentiality of data exchanged through the wireless network.
Once the pairing is performed, it is recommended to periodically verify the list of paired devices configured in the EcoStruxure Panel Server to make sure that the list of devices contains no unexpected or malicious devices. Reinforce access to device data by disabling Modbus TCP/IP service.