Table of Contents
Advertisement
9410 series - User manual
Issue
User accounts
Default account settings
are often the source of
unauthorized access by
malicious users.
Secure protocols
ION, Modbus, DNP, DLMS,
IEC 61850 and some IT
protocols are unsecure.
The device does not have
the capability to transmit
data encrypted using these
protocols.
Self-signed certificates
Factory shipped meters
include a self-signed SSL
certificate.
An SSL certificate is
required to use webpages
over HTTPS and Secure
ION (ION over TLS).
Configure
This section contains detailed information on the following tasks:
•
"Meter security configuration" on page 32
•
"Disabling and enabling protocols and changing port numbers" on page 42
•
"Verifying the meter security settings" on page 43
•
"Applying security settings to multiple meters" on page 44
This section also includes the following reference information:
•
"Default meter security settings" on page 46
•
"Advanced security mode" on page 47
7EN05-0336-09
Security risk
If you do not change the
default password,
unauthorized access can
occur.
If a malicious user gained
access to your network,
they could intercept
communications.
Self-signed certificates
can't be validated. An
attacker with access to the
network could pose as the
device to obtain credentials
sent over the TLS tunnel.
in a protected environment
Mitigation strategies
Change the default password of 0
(zero) to help reduce unauthorized
access. See
"Changing the default
password" on page
33.
For transmitting data over an internal
network, physically or logically
segment the network.
For transmitting data over an
external network, encrypt protocol
transmissions over all external
connections using an encrypted
tunnel, TLS wrapper, or Secure ION.
See
"System defense-in-depth
assumptions" on page
26.
Disable unused protocols
Use a Certificate Authority (CA)
signed SSL certificate and external
network controls.
Cybersecurity
31
Advertisement
Table of Contents
Troubleshooting
