Configure Security (Recommended); Access Points; Communication Interfaces; User-Enabled Services - ABB RMC-100 User Manual

6

Configure security (recommended)

To secure access to the RMC, review the security features implemented.
6.1

Access points

Totalflow user interfaces and host products support connection with the RMC through several types of
communication ports, protocols, and services. These constitute points of entry that could be subject to
inexperienced, unauthorized or malicious access through a point-to-point connection or a connection
established over a network. Physical access to the ports must be controlled to protect local and
remote access. Enable on-board security or enforce authentication before establishing a connection
with any of the ports.
This section lists the communication ports, services, protocols, and the open Transmission Control
Protocol (Transmission Control Protocol, TCP) ports that need to be considered when securing devices.
6.2

Communication interfaces

The table below lists the default communication ports available in the RMC with standard
configuration. These ports are pre-configured from the factory. When enabled, these ports are ready
for use, but are not secured.
Unprotected ports make the full functionality of the device available to any user. Configure security
passcode or role-based authentication to prevent indiscriminate access.

Table 6-1: Default communication ports on the RMC

Wired connections
communication ports,
default names
MMI, port name:
MMI Serial - COM0
USB, port name:
Totalflow - USB
Ethernet 1 and 2, port
name:
Totalflow – TCP
COMM1, port name: TF
– Remote
IMPORTANT NOTE: The Ethernet ports on the RMC might connect to a Network and peripheral
devices. If the peripheral devices send real-time measurement data to the RMC, configure
connections correctly to prevent loss of this data due to network issues.
IMPORTANT NOTE: The RMC does not have native wireless support. Access to the RMC from a
Bluetooth client is supported with the use of a Bluetooth-to-USB dongle. The table below indicates
the default port name and security feature available to protect the device.

Table 6-2: Non-native Bluetooth support on the RMC

Wireless connections
communication interfaces
Bluetooth via USB Dongle,
Port Name: Bluetooth
6.2.1

User-enabled services

Services are software processes that run on the RMC device. The table below lists user-enabled
services that open access to the embedded software file system. Unauthorized or malicious use of
these services can cause file corruption and render a device inoperable.
Default state Default protocol
Enabled Totalflow Local
(Read-only)
Enabled Totalflow Local
(Read-only)
Disabled Totalflow/TCP
(Read-only)
Enabled Totalflow Remote
(Configurable)
Default state
Disabled
Security feature available
Bi-Level Security code authentication or
Role-base Authentication (Role-base
Authentication, RBAC)
Bi-Level Security code authentication or
Role-base Authentication (Role-base
Authentication, RBAC)
Bi-Level Security code authentication or
Role-base Authentication (Role-base
Authentication, RBAC)
Bi-Level Security code authentication or
Role-base Authentication (Role-base
Authentication, RBAC)
Protocol Security feature available
Totalflow Role-Based Authentication (RBAC)
Local
21 05 55 2MN A E | RM C-1 00 | 9 9