show the entry list
Security update of the Automation License Manager (ALM)
Part number:
Summary Internet document

Important security improvements have been included in Version 5.1 SP 1 Update 3 of the Automation License Manager (ALM). This update should therefore be installed as soon as possible.

   

Internet document Summary

Security-relevant vulnerabilities have been found in older versions of the ALM (>= V4.0) which can adversely affect the availability of the licensing service in the event of deliberate manipulation. In certain situations there might be a risk of foreign programming code being executed in the event of a targeted attack.  

If an older ALM version is in use, we therefore recommend installing the update of the Automation License Manager at the earliest opportunity. The update can be downloaded at the following link:
Entry ID 114358

If updating the ALM is currently - or generally - not possible, the following protective measures should be reviewed and implemented accordingly:

  • Restricting or blocking ALM communication (standard port 4410/TCP) at network boundaries to or between production areas by means of suitable security measures such as firewalls.
  • Deactivating remote access to the ALM service with systems that do not operate as license servers (e.g. providing floating licenses for other systems). This option can be found in the ALM settings in the "Connection" register.
  • Avoid opening websites from unknown or untrustworthy sources using the Internet Explorer.

You can find more security measures as well as general information on the subject of industrial security at  www.siemens.com/industrialsecurity 

 

 

 Entry ID:57252401   Date:2011-12-19 
I regard this article....as helpfulas not helpful                                 
mySupport
My Documentation Manager 
Newsletter 
CAx-Download-Manager 
Support Request
To this entry
Print
Create PDF 
Send to a friend
QuickLinks
Compatibility tool 
Help
Online Help
Guided Tour