DOCSLIB.ORG

Guide to Computer Security Log Management

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Guide to Computer Security Log Management Special Publication 800-92 Guide to Computer Security Log Management Recommendations of the National Institute of Standards and Technology Karen Kent Murugiah Souppaya GUIDE TO COMPUTER SECURITY LOG MANAGEMENT Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-92 Natl. Inst. Stand. Technol. Spec. Publ. 800-92, 72 pages (September 2006) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose. ii GUIDE TO COMPUTER SECURITY LOG MANAGEMENT Acknowledgements The authors, Karen Kent and Murugiah Souppaya of the National Institute of Standards and Technology (NIST), wish to thank their colleagues who reviewed drafts of this document and contributed to its technical content, especially Bill Burr, Elizabeth Chew, Tim Grance, Bill MacGregor, Stephen Quinn, and Matthew Scholl of NIST, and Stephen Green, Joseph Nusbaum, Angela Orebaugh, Dennis Pickett, and Steven Sharma of Booz Allen Hamilton. The authors particularly want to thank Anton Chuvakin of LogLogic and Michael Gerdes for their careful review and many contributions to improving the quality of this publication. The authors would also like to express their thanks to security experts Kurt Dillard of Microsoft, Dean Farrington of Wells Fargo Bank, Raffael Marty of ArcSight, Greg Shipley of Neohapsis, and Randy Smith of the Monterey Technology Group, as well as representatives from the Department of Energy, the Department of Health and Human Services, the Department of Homeland Security, the Department of State, the Department of Treasury, the Environmental Protection Agency, the National Institutes of Health, and the Social Security Administration, for their valuable comments and suggestions. Trademarks All names are registered trademarks or trademarks of their respective companies. iii GUIDE TO COMPUTER SECURITY LOG MANAGEMENT Table of Contents Executive Summary............................................................................................................ES-1 1. Introduction ................................................................................................................... 1-1 1.1 Authority................................................................................................................ 1-1 1.2 Purpose and Scope............................................................................................... 1-1 1.3 Audience ............................................................................................................... 1-1 1.4 Publication Structure ............................................................................................. 1-1 2. Introduction to Computer Security Log Management ................................................ 2-1 2.1 The Basics of Computer Security Logs.................................................................. 2-1 2.1.1 Security Software....................................................................................... 2-2 2.1.2 Operating Systems..................................................................................... 2-4 2.1.3 Applications................................................................................................ 2-4 2.1.4 Usefulness of Logs..................................................................................... 2-6 2.2 The Need for Log Management............................................................................. 2-7 2.3 The Challenges in Log Management..................................................................... 2-8 2.3.1 Log Generation and Storage ...................................................................... 2-8 2.3.2 Log Protection............................................................................................ 2-9 2.3.3 Log Analysis............................................................................................. 2-10 2.4 Meeting the Challenges....................................................................................... 2-10 2.5 Summary............................................................................................................. 2-11 3. Log Management Infrastructure................................................................................... 3-1 3.1 Architecture........................................................................................................... 3-1 3.2 Functions............................................................................................................... 3-3 3.3 Syslog-Based Centralized Logging Software......................................................... 3-5 3.3.1 Syslog Format............................................................................................ 3-5 3.3.2 Syslog Security .......................................................................................... 3-7 3.4 Security Information and Event Management Software ......................................... 3-9 3.5 Additional Types of Log Management Software................................................... 3-10 3.6 Summary............................................................................................................. 3-11 4. Log Management Planning........................................................................................... 4-1 4.1 Define Roles and Responsibilities ......................................................................... 4-1 4.2 Establish Logging Policies..................................................................................... 4-3 4.3 Ensure that Policies Are Feasible.......................................................................... 4-7 4.4 Design Log Management Infrastructures............................................................... 4-9 4.5 Summary............................................................................................................. 4-10 5. Log Management Operational Processes.................................................................... 5-1 5.1 Configure Log Sources.......................................................................................... 5-1 5.1.1 Log Generation .......................................................................................... 5-1 5.1.2 Log Storage and Disposal.......................................................................... 5-2 5.1.3 Log Security............................................................................................... 5-4 5.2 Analyze Log Data.................................................................................................. 5-5 5.2.1 Gaining an Understanding of Logs............................................................. 5-5 5.2.2 Prioritizing Log Entries ............................................................................... 5-6 5.2.3 Comparing System-Level and Infrastructure-Level Analysis....................... 5-7 iv GUIDE TO COMPUTER SECURITY LOG MANAGEMENT 5.3 Respond to Identified Events................................................................................. 5-8 5.4 Manage Long-Term Log Data Storage .................................................................. 5-9 5.5 Provide Other Operational Support...................................................................... 5-10 5.6 Perform Testing and Validation ........................................................................... 5-10 5.7 Summary............................................................................................................. 5-11 List of Appendices Appendix A— Glossary ........................................................................................................A-1 Appendix B— Acronyms ......................................................................................................B-1 Appendix C— Tools and Resources....................................................................................C-1 Appendix D— Index ..............................................................................................................D-1 List of Figures Figure 2-1. Security Software Log Entry Examples ................................................................ 2-3 Figure 2-2. Operating System Log Entry Example ................................................................. 2-4 Figure 2-3. Web Server Log Entry Examples ........................................................................
Load more

Recommended publications
  • Application Log Analysis
    Masarykova univerzita Fakulta}w¡¢£¤¥¦§¨ informatiky !"#$%&'()+,-./012345<yA| Application Log Analysis Master’s thesis Júlia Murínová Brno, 2015 Declaration Hereby I declare, that this paper is my original authorial work, which I have worked out by my own. All sources, references and literature used or excerpted during elaboration of this work are properly cited and listed in complete reference to the due source. Júlia Murínová Advisor: doc. RNDr. Vlastislav Dohnal, Ph.D. iii Acknowledgement I would like to express my gratitude to doc. RNDr. Vlastislav Dohnal, Ph.D. for his guidance and help during work on this thesis. Furthermore I would like to thank my parents, friends and family for their continuous support. My thanks also belongs to my boyfriend for all his assistance and help. v Abstract The goal of this thesis is to introduce the log analysis area in general, compare available systems for web log analysis, choose an appropriate solution for sample data and implement the proposed solution. Thesis contains overview of monitoring and log analysis, specifics of application log analysis and log file formats definitions. Various available systems for log analysis both proprietary and open-source are compared and categorized with overview comparison tables of supported functionality. Based on the comparison and requirements analysis appropriate solution for sample data is chosen. The ELK stack (Elasticsearch, Logstash and Kibana) and ElastAlert framework are deployed and configured for analysis of sample application log data. Logstash configuration is adjusted for collecting, parsing and processing sample data input supporting reading from file as well as online socket logs collection. Additional information for anomaly detection is computed and added to log records in Logstash processing.
    [Show full text]
  • Analysis of Web Logs and Web User in Web Mining
    International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.1, January 2011 ANALYSIS OF WEB LOGS AND WEB USER IN WEB MINING L.K. Joshila Grace 1, V.Maheswari 2, Dhinaharan Nagamalai 3, 1Research Scholar, Department of Computer Science and Engineering [email protected] 2 Professor and Head,Department of Computer Applications 1,2 Sathyabama University,Chennai,India 3Wireilla Net Solutions PTY Ltd, Australia ABSTRACT Log files contain information about User Name, IP Address, Time Stamp, Access Request, number of Bytes Transferred, Result Status, URL that Referred and User Agent. The log files are maintained by the web servers. By analysing these log files gives a neat idea about the user. This paper gives a detailed discussion about these log files, their formats, their creation, access procedures, their uses, various algorithms used and the additional parameters that can be used in the log files which in turn gives way to an effective mining. It also provides the idea of creating an extended log file and learning the user behaviour. KEYWORDS Web Log file, Web usage mining, Web servers, Log data, Log Level directive. 1. INTRODUCTION Log files are files that list the actions that have been occurred. These log files reside in the web server. Computers that deliver the web pages are called as web servers. The Web server stores all of the files necessary to display the Web pages on the users computer. All the individual web pages combines together to form the completeness of a Web site. Images/graphic files and any scripts that make dynamic elements of the site function.
    [Show full text]
  • NXLOG Community Edition Reference Manual for V2.9.1716 I
    Ed. v2.9.1716 NXLOG Community Edition Reference Manual for v2.9.1716 i NXLOG Community Edition Reference Manual for v2.9.1716 Ed. v2.9.1716 Ed. v2.9.1716 NXLOG Community Edition Reference Manual for v2.9.1716 ii Copyright © 2009-2014 NXLog Ltd. Ed. v2.9.1716 NXLOG Community Edition Reference Manual for v2.9.1716 iii Contents 1 Introduction 1 1.1 Overview . .1 1.2 Features . .1 1.2.1 Multiplatform . .1 1.2.2 Modular architecture . .1 1.2.3 Client-server mode . .2 1.2.4 Log message sources and destinations . .2 1.2.5 Importance of security . .2 1.2.6 Scalable multi-threaded architecture . .2 1.2.7 High performance I/O . .2 1.2.8 Message buffering . .2 1.2.9 Prioritized processing . .3 1.2.10 Avoiding lost messages . .3 1.2.11 Apache-style configuration syntax . .3 1.2.12 Built-in config language . .3 1.2.13 Scheduled tasks . .3 1.2.14 Log rotation . .3 1.2.15 Different log message formats . .4 1.2.16 Advanced message processing capabilites . .4 1.2.17 Offline processing mode . .4 1.2.18 Character set and i18n support . .4 2 Installation and quickstart 5 2.1 Microsoft Windows . .5 2.2 GNU/Linux . .6 2.2.1 Installing from DEB packages (Debian, Ubuntu) . .6 2.2.2 Installing from RPM packages (CentOS, RedHat) . .6 2.2.3 Configuring nxlog on GNU/Linux . .6 Ed. v2.9.1716 NXLOG Community Edition Reference Manual for v2.9.1716 iv 3 Architecture and concepts 7 3.1 History .
    [Show full text]
  • System Log Files Kernel Ring Buffer Viewing Log Files the Log Files
    System Log Files Most log files are found in /var/log Checking logs are critical to see if things are working correctly Checking logs is critical to see if things are working correctly. Take a look at all the log files on scratch ls /var/log Kernel Ring Buffer The kernel ring buffer is something like a log file for the kernel; however, unlike other log files, it’s stored in memory rather than in a disk file. You can use the dmesg command to view it. Many times it is logged to /var/log/dmesg as well. It requires sudo privileges to read the /var/log/dmesg file, but not to run the dmesg command. Viewing log files There are a number of commands to view log files. cat less head tail Anytime a new entry is added to a log file, it is appended to the end of the file. This is one of those times where tail is particularly useful. Usually when we want to look at log files we want to look at the most recent entries. When organizing our viewing command - order matters. Most of the following commands produce different results. And all are useful depending on what type of results you want. Go through the thought process and figure out what each command does. Can you figure out which three produce identical results? cat /var/log/syslog cat /var/log/syslog | grep daemon cat /var/log/syslog | grep daemon | tail -n 10 cat /var/log/syslog | tail -n 10 cat /var/log/syslog | tail -n 10 | grep daemon less /var/log/syslog less /var/log/syslog | tail -n 10 | grep daemon head -n 10 /var/log/syslog head -n 10 /var/log/syslog | grep daemon tail -n 10 /var/log/syslog tail -n 10 /var/log/syslog | grep daemon If you add the -f option to the tail command it provides a live watch of the log file.
    [Show full text]
  • Forensic Investigation of P2P Cloud Storage Services and Backbone For
    Forensic investigation of P2P cloud storage services and backbone for IoT networks : BitTorrent Sync as a case study Yee Yang, T, Dehghantanha, A, Choo, R and Yang, LK http://dx.doi.org/10.1016/j.compeleceng.2016.08.020 Title Forensic investigation of P2P cloud storage services and backbone for IoT networks : BitTorrent Sync as a case study Authors Yee Yang, T, Dehghantanha, A, Choo, R and Yang, LK Type Article URL This version is available at: http://usir.salford.ac.uk/id/eprint/40497/ Published Date 2016 USIR is a digital collection of the research output of the University of Salford. Where copyright permits, full text material held in the repository is made freely available online and can be read, downloaded and copied for non-commercial private study or research purposes. Please check the manuscript for any further copyright restrictions. For more information, including our policy and submission procedure, please contact the Repository Team at: [email protected]. Note: This is authors accepted copy – for final article please refer to International Journal of Computers & Electrical Engineering Forensic Investigation of P2P Cloud Storage: BitTorrent Sync as a Case Study 1 2 3 1 Teing Yee Yang , Ali Dehghantanha , Kim-Kwang Raymond Choo , Zaiton Muda 1 Department of Computer Science, Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, UPM Serdang, Selangor, Malaysia 2 The School of Computing, Science & Engineering, Newton Building, University of Salford, Salford, Greater Manchester, United Kingdom 3 Information Assurance Research Group, University of South Australia, Adelaide, South Australia, Australia. Abstract Cloud computing has been regarded as the technology enabler for the Internet of Things (IoT).
    [Show full text]
  • Log File Management Tool Deployment and User's Guide
    Log File Management Tool Deployment and User's Guide Genesys Care/Support current 9/9/2021 Table of Contents Log File Management Tool Deployment and User's Guide 8.5.104 4 Overview 5 Architecture 8 New in this Release 11 Downloading LFMT 13 Known Issues and Limitations 14 Migration to LFMT 8.5.104 15 Log File Management Tool Deployment Planning 17 LFMT Client - GAX Dependencies 18 LFMT Database Sizing 19 LFMT Storage and Resource Sizing 21 Log File Management Tool General Deployment 24 Prerequisites 25 Deployment of the LFMT Client 27 Deployment of the LFMT Indexer 29 Deployment of the LFMT Collector 32 Configuration of the LFMT Database 36 Initializing the DBMS 40 Deployment of Workbench Agent for LFMT 8.5.1 44 Installing Workbench Agent (Mass Deployment) for LFMT 8.5.1 49 LFMT Application Connections 59 Log File Management Tool Configuration Options 60 LFMT Host Object Configuration Options 61 LFMT GAX Configuration Options 62 LFMT Indexer Configuration Options 64 LFMT Collector Configuration Options 67 LFMT DAP Object Configuration Options 73 Workbench Agent Configuration Options (for LFMT 8.5.1) 74 Workbench Agent Host Object Configuration Options (for LFMT 8.5.102) 78 Log File Management Tool User's Guide 79 Configuration of Access Control for LFMT Users 80 Site Configuration 85 Collection Schedules 89 Force Collection 93 Indexing and Scrubbing 97 Log File Packaging 101 Available Packages 104 LFMT Audit Information 108 Additional Information 111 Configuration of TLS Connections 112 Best Practices 116 Regular Expressions 117 Release Notes 119 Log File Management Tool Deployment and User's Guide 8.5.104 Log File Management Tool Deployment and User's Guide 8.5.104 The Log File Management Tool (LFMT) is an intelligent, configurable, centralized log collection tool developed by Genesys Customer Care.
    [Show full text]
  • Dude, Where's My Log File?
    Dude, Where’s My Log File? Making the Most of Progress OpenEdge Log Files Michael Banks Principal Software Engineer, OpenEdge Progress Software Introduction Why Log Files? • History • Troubleshooting • Security Introduction . Many components . Diverse technologies . Some common • AppServer, WebSpeed, Pacific AppServer for OpenEdge • Servlet container hosted components (adapters mainly) • ubroker.properties configuration 3 © 2014 Progress Software Corporation. All rights reserved. Goals for This Session How can I Where control the What is in should I type and the log file? look? amount of messages? 4 © 2014 Progress Software Corporation. All rights reserved. Progress OpenEdge Database Database Log <dbdir>/<dbname>.lg . Location cannot be changed . Startup parameter settings . Date/time startup and shutdown . User login/logout . System error messages . Utility and maintenance activity . SQL server startup/shutdown 5 © 2014 Progress Software Corporation. All rights reserved. Progress OpenEdge Database – Log Format [2014/09/16@15:25:45.022-0400] P-13259 T-47842003425760 I DBUTIL : (451) p t t t i b i f b k bth [ [2014/09/16@15:25:4 P- 13259 T- 47842003425760 ER 0: (333) Multi-user session begin. [2014/09/16@15:25:45.509-0400] P-13267 T-469809696I BROKER 0 : (15321) Before Image Log Initialization at block 0 offset 0. [2014/09/16@15:25:45.622-0400] P-13267 T-46980969695680 I BROKER 0: (452) Login by mbanks on batch. [ 6980969695680 I BROKER 0: (4234) P(452) g Loginp E g by mbanksa . Lon batch. u 61 on Linux devlinux15 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:48 EDT 2009 x86_64.
    [Show full text]
  • Forensics in Peer-To-Peer Sharing and Associated Litigation Challenges
    Forensics in Peer-to-Peer Sharing and Associated Litigation Challenges Presented by Mo Hamoudi, Seattle, WA ([email protected]) Terry Lahman, Snoqualmie, WA ([email protected]) 1 Statement of Probable Cause “Between April 08, 2016, and April 09, 2016, while acting in an undercover capacity, I used a law enforcement version of eMule, a commonly used P2P file sharing program for the eD2k file sharing network, to monitor for P2P users possessing and distributing image and video files depicting child pornography. I used the law enforcement version of eMule to download several files depicting child pornography from a P2P user at IP address <redacted> (the SUBJECT IP ADDRESS).” The statement of probable cause implies the detective was sitting at a computer utilizing a special version of software to identify and download suspected child pornography. It also implies that the specialize software is running autonomously on the detective’s computer. The law enforcement version of eMule runs automatically without user invention. And the law enforcement computer is only one component of a large scale network of computers. Digging into the technical data of the law enforcement version of eMule required a deep investigation similar to peeling an onion, one layer at a time. The entire process required a number of discovery requests to peel back each layer. Each new discovery item was analyzed to dig deeper into the next layer. PRACTICE POINT: The practitioner needs to use the Federal Rules of Criminal Procedure 16 or its state counterpart to obtain information beyond the affidavit. United States v. Soto-Zuniga, 837 F.3d 992 (9th Cir.
    [Show full text]
  • IRC Channel Data Analysis Using Apache Solr Nikhil Reddy Boreddy Purdue University
    Purdue University Purdue e-Pubs Open Access Theses Theses and Dissertations Spring 2015 IRC channel data analysis using Apache Solr Nikhil Reddy Boreddy Purdue University Follow this and additional works at: https://docs.lib.purdue.edu/open_access_theses Part of the Communication Technology and New Media Commons Recommended Citation Boreddy, Nikhil Reddy, "IRC channel data analysis using Apache Solr" (2015). Open Access Theses. 551. https://docs.lib.purdue.edu/open_access_theses/551 This document has been made available through Purdue e-Pubs, a service of the Purdue University Libraries. Please contact [email protected] for additional information. Graduate School Form 30 Updated 1/15/2015 PURDUE UNIVERSITY GRADUATE SCHOOL Thesis/Dissertation Acceptance This is to certify that the thesis/dissertation prepared By Nikhil Reddy Boreddy Entitled IRC CHANNEL DATA ANALYSIS USING APACHE SOLR For the degree of Master of Science Is approved by the final examining committee: Dr. Marcus Rogers Chair Dr. John Springer Dr. Eric Matson To the best of my knowledge and as understood by the student in the Thesis/Dissertation Agreement, Publication Delay, and Certification Disclaimer (Graduate School Form 32), this thesis/dissertation adheres to the provisions of Purdue University’s “Policy of Integrity in Research” and the use of copyright material. Approved by Major Professor(s): Dr. Marcus Rogers Approved by: Dr. Jeffery L Whitten 3/13/2015 Head of the Departmental Graduate Program Date IRC CHANNEL DATA ANALYSIS USING APACHE SOLR A Thesis Submitted to the Faculty of Purdue University by Nikhil Reddy Boreddy In Partial Fulfillment of the Requirements for the Degree of Master of Science May 2015 Purdue University West Lafayette, Indiana ii To my parents Bhaskar and Fatima: for pushing me to get my Masters before I join the corporate world! To my committee chair Dr.
    [Show full text]
  • Log Monitoring and Analysis with Rsyslog and Splunk
    Non è possibile visualizzare questa immagine. Consiglio Nazionale delle Ricerche Istituto di Calcolo e Reti ad Alte Prestazioni Log monitoring and analysis with rsyslog and Splunk A. Messina, I. Fontana, G. Giacalone Rapporto Tecnico N.: RT-ICAR-PA-15-07 Dicembre 2015 Consiglio Nazionale delle Ricerche, Istituto di Calcolo e Reti ad Alte Prestazioni (ICAR) – Sede di Cosenza, Via P. Bucci 41C, 87036 Rende, Italy, URL: www.icar.cnr.it – Sede di Napoli, Via P. Castellino 111, 80131 Napoli, URL: www.na.icar.cnr.it – Sede di Palermo, Viale delle Scienze, 90128 Palermo, URL: www.pa.icar.cnr.it Non è possibile visualizzare questa immagine. Consiglio Nazionale delle Ricerche Istituto di Calcolo e Reti ad Alte Prestazioni Log monitoring and analysis with rsyslog and Splunk A. Messina1, I. Fontana2, G. Giacalone2 Rapporto Tecnico N.: RT-ICAR-PA-15-07 Dicembre 2015 1 Istituto di Calcolo e Reti ad Alte Prestazioni, ICAR-CNR, Sede di Palermo, Viale delle Scienze edificio 11, 90128 Palermo. 2 Istituto per l’Ambiente Marino Costiero, IAMC-CNR, Sede di Capo Granitola, Via del Mare n. 3, 90121 Torretta Granitola – Campobello di Mazara. I rapporti tecnici dell’ICAR-CNR sono pubblicati dall’Istituto di Calcolo e Reti ad Alte Prestazioni del Consiglio Nazionale delle Ricerche. Tali rapporti, approntati sotto l’esclusiva responsabilità scientifica degli autori, descrivono attività di ricerca del personale e dei collaboratori dell’ICAR, in alcuni casi in un formato preliminare prima della pubblicazione definitiva in altra sede. Index 1 INTRODUCTION ......................................................................................................... 4 2 THE SYSTEM LOG PROTOCOL ............................................................................... 6 2.1 Introduction ........................................................................................................................ 6 2.2 The protocol ......................................................................................................................
    [Show full text]
  • Centralized and Structured Log File Analysis with Open Source and Free Software Tools
    Bachelor Thesis Summer Semester 2013 at Fachhochschule Frankfurt am Main University of Applied Sciences Department of Computer Science and Engineering towards Bachelor of Science Computer Science submitted by Jens Kühnel Centralized and structured log file analysis with Open Source and Free Software tools 1. Supervisor: Prof. Dr. Jörg Schäfer 2. Supervisor: Prof. Dr. Matthias Schubert topic received: 11. 07. 2013 thesis delivered: 30. 08. 2013 Abstract This thesis gives an overview on the Open Source and Free Software tools available for a centralized and structured log file analysis. This includes the tools to convert unstructured logs into structured log and different possibilities to transport this log to a central analyzing and storage station. The different storage and analyzing tools will be introduced, as well as the different web front ends to be used by the system administrator. At the end different tool chains will be introduced, that are well tested in this field. Revisions Rev. 269: Official Bachelor these sent to FH Rev. 273: Removal of Affidavit, fix of Pagenumber left/right II Table of Contents 1 Introduction.......................................................................................................................................1 1.1 Selection criteria........................................................................................................................1 1.2 Programs that are included in this thesis...................................................................................2 1.3 What
    [Show full text]
  • Cyber Security Platform Modicon Controllers 12/2018 (Original Document) EIO0000001999 12/2018 Platform Controllers Modicon
    Modicon Controllers Platform EIO0000001999 12/2018 Modicon Controllers Platform Cyber Security Reference Manual (Original Document) 12/2018 EIO0000001999.06 www.schneider-electric.com The information provided in this documentation contains general descriptions and/or technical characteristics of the performance of the products contained herein. This documentation is not intended as a substitute for and is not to be used for determining suitability or reliability of these products for specific user applications. It is the duty of any such user or integrator to perform the appropriate and complete risk analysis, evaluation and testing of the products with respect to the relevant specific application or use thereof. Neither Schneider Electric nor any of its affiliates or subsidiaries shall be responsible or liable for misuse of the information contained herein. If you have any suggestions for improvements or amendments or have found errors in this publication, please notify us. You agree not to reproduce, other than for your own personal, noncommercial use, all or part of this document on any medium whatsoever without permission of Schneider Electric, given in writing. You also agree not to establish any hypertext links to this document or its content. Schneider Electric does not grant any right or license for the personal and noncommercial use of the document or its content, except for a non-exclusive license to consult it on an "as is" basis, at your own risk. All other rights are reserved. All pertinent state, regional, and local safety regulations must be observed when installing and using this product. For reasons of safety and to help ensure compliance with documented system data, only the manufacturer should perform repairs to components.
    [Show full text]