Eaton 91PS User And Installation Manual

Also see for 91PS: User and installation guide Safety and installation quick guide Safety and installation quick guide User and installation guide

APPENDIX A: Recommended securityhardening guidelinesThe UPS has been designed with cybersecurity as an important consideration. Number ofcybersecurity features are now offered in the product which, if implemented as per therecommendations in this section, would minimize the cybersecurity risk to the UPS. The “secureconfiguration” or “hardening” guidelines provide information to the users to securely deploy andmaintain their product to adequately minimize the cybersecurity risks to their system.Our company is committed to minimizing the cybersecurity risk in its products and deployscybersecurity best practices and latest cybersecurity technologies in its products and solutions,making them more secure, reliable and competitive for our customers. Our company also offersCybersecurity Best Practices whitepapers to its customers that can be referenced at www.eaton.com/cybersecurity .Category DescriptionAsset identification andinventory Keeping track of all the devices in the system is a prerequisite foreffective management of cybersecurity of a system. Make sure thatyou maintain an inventory of all uniquely identify each component. Tofacilitate this, the UPS supports the following identifying information:manufacturer, type, serial number, f/w version number, and location.Users can extract device information at locations mentioned below:• Product number, serial number and UPS name are listed on theInformation screen• Firmware versions can be found on the About screenPhysical protection Industrial Control Protocols do not offer cryptographic protections atprotocol level, at physical ports and at controller mode switches,leaving them exposed to cybersecurity risk. Physical security is animportant layer of defense in such cases. The UPS is designed withthe consideration that it would be deployed and operated in aphysically secure location.• Physical access to the communication lines should be restricted toprevent any attempts of wiretapping or sabotage. It is a best practiceto use metal conduits for the communication lines running from onecabinet to another cabinet.• An attacker with unauthorized physical access to the device couldcause serious disruption of the device functionality. A combination ofphysical access controls to the location should be used, such aslocks, card readers, and/or guards.• The UPS supports the following physical access ports: RS232, USBand slots for communication cards. Access to them must berestricted.• Do not connect an unauthorized USB device, CD/DVD or SD cardfor any operation (for example, firmware upgrade, configurationchange and boot application change).• Before connecting any portable device through USB, CD/DVD or SDcard slot, scan the device for malwares and viruses.Authorization andaccess controlIt is extremely important to securely configure the logical accessmechanisms provided in the UPS to safeguard the device fromunauthorized access. Our company recommends that the availableaccess control mechanisms be used properly to ensure that access tothe system is restricted to legitimate users only. And, such users areEATON 91PS/93PS UPS USER’S AND INSTALLATIONGUIDEP-164000672 - 005 2023 www.eaton.eu 8866