B1-43, 1) overall policy – Yokogawa YFGW710 User Manual

B1-43

IM 01W01F01-01EN

(1) Overall Policy

The targets to be protected by the security measures to be implemented are both the CENTUM

system and YFGW710 and field wireless devices.
While considering the priority of availability, integrity, and confidentiality, it is necessary to con-

sider how to ensure security from the following points of view.

▪ Preventing penetration into the system from the outside via the network
▪ Preventing penetration from the field wireless network into the CENTUM system by a per-

son with no CENTUM privilege

▪ Conversely, preventing penetration from CENTUM into the field wireless network by a per-

son with no field wireless privilege

▪ Preventing network or other problems occurring in CENTUM or on the field wireless network

from affecting each other

There are the following specific methods to improve security.

▪ Setting Security Zone

▪ Define a unit with common security requirements and uniform security level as a security

zone and create a hierarchy of different security zones.

▪ Multi-layer Protection

• Network boundary security between security zones

Network segmentation
Access control between segments by firewall

• Network security in security zone
• Fortifying PC

IT security setting in CENTUM

Access control
Personal Firewall
Stopping unnecessary Windows services
Changing the IT environment settings

Windows security patch management
Antivirus software

▪ Workgroup and domain management
▪ Group policy setting