Lindy Switch Placing Lindy KVM IP alongside the firewall, Ensuring sufficient security, Ports

Page 24

Placing LINDY KVM IP alongside the firewall

LINDY KVM IP is built from the ground-up to be secure. It employs a sophisticated 128bit public/private key system that has been rigorously analysed and found to be highly secure (a security white paper is available upon request). Therefore, you can position the LINDY KVM IP alongside the firewall and control hosts that are also IP connected within the local network.

IMPORTANT: If you make the LINDY KVM IP accessible from the public Internet or from a modem, care should be taken to ensure that the maximum security available is activated. You are strongly advised to enable encryption and use a strong password. Security may be further improved by restricting client IP addresses, using a non-standard port number for access or limiting remote access to dial up connections only.

Ensuring sufficient security

The security capabilities offered by the LINDY KVM IP are only truly effective when they are correctly used. An open or weak password or unencrypted link can cause security loopholes and opportunities for potential intruders. For network links in general and direct Internet connections in particular, you should carefully consider and implement the following:

Ensure that encryption is enabled.

By local configuration or by remote configuration.

Ensure that you have selected secure passwords with at least 8 characters and a mixture of upper and lower case and numeric characters.

By remote configuration.

Reserve the admin password for administration use only and use a non- admin user profile for day-to-day access.

Use the latest Secure VNC viewer (this has more in-built security than is available with the Java viewer). To download the viewer.

Use non-standard port numbers.

Restrict the range of IP addresses that are allowed to access the LINDY KVM IP to only those that you will need to use. To restrict IP access.

Do NOT Force VNC protocol 3.3. Remote configuration. Protocol 3.3 is a legacy version that does not offer any encryption.

Add a further level of inherent security by restricting access only via modem or ISDN dialup.

Ensure that the computer accessing the LINDY KVM IP is clean of viruses and spyware and has up-to-date firewall and anti-virus software loaded that is appropriately configured.

Avoid accessing the LINDY KVM IP from public computers.

Security can be further improved by using the following suggestions:

Use a KVM switch with On-Screen-Display driven security access and an auto- logout (after inactivity) feature to provide a second level of security.

Place the LINDY KVM IP behind a firewall and use port the numbers to route the VNC network traffic to an internal IP address.

Review the activity log from time to time to check for unauthorized use.

Lock your server consoles after they have been used.

A security white paper that gives further details is available upon request.

Ports

In this configuration there should be no constraints on the port numbers because the LINDY KVM IP will probably be the only device at that IP address. Therefore, maintain the HTTP port as 80 and the VNC port as 5900.

Addressing

When the LINDY KVM IP is situated alongside the firewall, it will require a public static IP address (i.e. one provided by your Internet service provider).

More addressing information:

Discover DHCP-allocated addresses

DNS addressing

   



23

Image 24
Contents IP Access Switch Plus DVI Audio Contents Index Virtual Media feature Local user consoleModem/ISDN port Dual formats for flexibilityLindy KVM IP features front and rear What’s in the box What you may additionally needMounting Single unit rack bracketsDouble unit rack brackets Full width of a 1U rack slotConnections Host computer links Keyboard and mouseLocal console connections Keyboard and mouse Video Audio Single host computer or many?Host computer links Video To make a video linkHost computer links Audio Host computer links Virtual MediaTo make an audio link To make an Virtual Media linkLocal console connections Keyboard and mouse To connect a local keyboard and mouseLocal console. Why?   Local console connections Video To connnect a local video monitorLocal console connections Audio IP network portTo connect local speakers To connect the IP network portPower supply connection To connect the power supplyConnect the power leads to a nearby main supply socket Modem/ISDN portPower control port To connect and address the switch boxesInitial configuration Part 1 Local configurationInitial configuration occurs as two distinct parts Part 1 Local configurationTo perform the initial local configuration Edit the Unit config screen. The key elements here areEncryption settings Lindy KVM IP encryption settingsViewer encryption settings EncryptionWhich restore setting do I use? To restore mouse operation when hot pluggingHot plugging and mouse restoration Recognising an IntelliMouse-style mouseResetting the configuration Lindy KVM IP asks for an unknown admin passwordTo invoke a configuration reset by switch Lindy KVM IP does not display the configuration sequencePart 2 Remote configuration To perform the remote configurationNetworking issues Port settingsPositioning Lindy KVM IP in the network Placing Lindy KVM IP behind a router or firewallAddressing To discover a DHCP-allocated IP addressDNS addressing Firewall/router addressPlacing Lindy KVM IP alongside the firewall Ensuring sufficient securityPorts Power switching configuration Power control sequencesTo configure the power sequences for each host computer Power OffKvmadmin utility Kvmadmin command ip address parametersKvmadmin -getconfig kvm1.cfg Kvmadmin -setusers users.csvPerforming a flash upgrade To perform a flash upgradeConfigure network option Important Wait until the upgrade is completeConnecting to the Lindy KVM IP Local connectionTo make a local connection To view the local control menuRemote connections To avoid the ‘hall of mirrors’ effectTo connect using the VNC viewer To connect using your Web browserRemote connection by VNC viewer Remote connection by Web browserUsing the viewer window When using the viewer windowMenu bar Configure Mouse pointersFor the VNC viewer, the local cursor is a dot To select a hostAccess mode shared/private Power controlAuto calibrate Re-synchronise mouseSingle Mouse Mode ControlsMouse Control Resync MouseWhen entering codes Video SettingsKeyboard Control InfoAdjusted Settings for all itemsWhen the screen contains only host system information Increased by 50% when a slow link is detectedVirtual Media To remotely transfer files to a host computerConnecting via dial up modem or Isdn link Downloading VNC viewer from the Lindy KVM IPIf you need to enter a port number Viewer encryption settings Supported web browsersWindows LinuxTroubleshooting Getting assistanceAppendix 1 Local configuration menus To access the local configuration menusSelect the ‘Configuration’ option to display Select the required optionUnit configuration Network configuration Modem configuration Reset configuration This option allows you to completely reset the Lindy KVM IPTo reset the Lindy KVM IP configuration Clear IP access control What is IP access control?To clear IP access control Appendix 2 VNC viewer connection options Colour/EncodingAuto select Preferred encodingEnable all inputs Disable all inputs view-only modeInputs CustomiseScaling MiscDefaults Reload Defaults SaveIdentities Load / SaveAppendix 3 VNC viewer window options Appendix 4 Browser viewer options Encoding and colour levelSecurity Appendix 5 Remote configuration menus To access the remote configuration menusMain configuration menu Logged on users Click the required optionUser accounts Screensaver Timeout Hardware VersionFirmware Version Host Keyboard LayoutAdvanced unit configuration Time & date configuration IP Access Control IP Network MaskIP Gateway Setting IP access control To define a new IP access control entryTo reorder access control entries To edit/remove access control entriesSerial port configuration Power control portModem port Host configuration To create a new host entryPort/host addressing using Port Direct Hotkey sequences and Port DirectHotkey sequences Port DirectLogging and status To copy and paste the logSyslog Server IP Address For further details To get hereAppendix 6 Addresses, masks and ports IP addressesNet masks Answer YESNet masks the binary explanation Operation with net maskBinary equivalent Binary octet afterCalculating the mask for IP access control Single locationsAll locations Address rangesSecurity issues with ports PortsAppendix 7 Cable and connector specifications RS232 serial mouse to PS/2 converter cable+5V 12VAppendix 8 Hotkey sequence codes Permissible key pressesCreating macro sequences Appendix 9 Supported video modes Other products in the CPU Switch range WarrantySafety information General Public License LinuxEnd user licence agreement Radio Frequency Energy European EMC directive 89/336/EECFCC Compliance Statement United States Canadian Department of Communications RFI statementGermany France Italia LINDY-Elektronik GmbHItalia Email info@lindy.ch Video source setting IndexConnections

Switch specifications

Lindy Switch is a pivotal innovation in the realm of audio-visual and data transmission technologies, designed to facilitate seamless switching between multiple signal sources. This device serves numerous applications, from broadcasting and live events to professional AV setups and corporate environments. One of its standout features is the ability to handle multiple input and output formats, enabling users to switch between HDMI, DisplayPort, USB, and more, depending on their specific needs.

The technology behind Lindy Switch is built to ensure high-definition signal integrity, with support for resolutions up to 4K at 60Hz. This makes it an ideal choice for environments that demand high-quality video output, such as home theaters and conference rooms. Furthermore, the device is engineered for low latency, ensuring that signal switching occurs in real-time without discernible lag, crucial for live performances and presentations.

Lindy Switch incorporates advanced features such as automatic switching, which detects the active input source and seamlessly transitions to it, making it user-friendly even for those who are not tech-savvy. Additionally, the device often includes remote control capabilities, allowing users to manage inputs from a distance, enhancing convenience in larger spaces.

Another characteristic that sets Lindy Switch apart is its robust build quality. Designed for reliability, it features durable connectors and housing, safeguarding against wear and tear from frequent use. This reliability extends to its compatibility with a wide range of operating systems and devices, including Windows, macOS, and various gaming consoles.

In summary, Lindy Switch exemplifies cutting-edge technology in signal management, boasting features such as high-definition support, low latency, automatic switching, and versatile compatibility. Its solid construction and user-friendly interface make it a vital tool for professionals and enthusiasts alike, ensuring optimal performance in diverse audio-visually demanding environments. Whether for a home cinema or a corporate setting, Lindy Switch meets the needs of modern users who rely on efficient and high-quality signal switching solutions.