10.3
Deployment guideline
Please do not install the device in the public place and to ensure that physical access to the
devices is granted only to trusted personal. The customer must be aware that the unauthorized
physical access to the device can cause cyber security risk. The deployment assumes that the
person who can physical access the device is the device owner, who can answer a door call
and open the lock for outdoor station.
When user decides to remove the device from system, user shall reset the device to factory
setting in order to remove all the configuration data and sensitive data in the device. This will
prevent sensitive data leak.
It is recommended that the device is deployed together with security controls (such as a firewall
or an IPS) that can detect and possibly even prevent some of the DoS attacks. It is also
necessary that switches and routers are properly configured and allow for rate limiting, as well
as restrict the percentage of CPU power that is allowed to be spent on different interfaces by
using rate limiters.
10.4
Upgrading
Device supports firmware updating by uploading firmware from Welcome App. In this mode, a
signature file will be used to verify the authentication and integrity of firmware.
If Internet services available, device will connect to MyBuildings sever to download the new
firmware, but needs to be confirmed by end user every time by Welcome App.
10.5
Backup/Restore
There is no backup and restore of the configuration data for the device.
10.6
Malware prevention solution
The product is not susceptible to malware, because custom code cannot be executed on the
system. The only way to update the software is by firmware upgrading. Only firmware signed by
ABB can be accepted.
10.7
Password rule
There is no preset administrator account/password in the device.
Manual del producto 2TMD042000D0013
Seguridad de la red
│55