Adder Technology manual Placing AdderView CATxIP 5000 alongside the firewall, Ports

Page 29

Placing AdderView CATxIP 5000 alongside the firewall

The AdderView CATxIP 5000 is built from the ground-up to be secure. It employs a sophisticated 128bit public/private key system that has been rigorously analysed and found to be highly secure. Therefore, you can position the AdderView CATxIP 5000 alongside the firewall and control hosts that are also IP connected within the local network.

IMPORTANT: If you make the AdderView CATxIP 5000 accessible from the public Internet, care should be taken to ensure that the maximum security available

is activated. You are strongly advised to enable encryption and use a strong password. Security may be further improved by restricting client IP addresses, using a non-standard port number for access.

Ensuring sufficient security

The security capabilities offered by the AdderView CATxIP 5000 are only truly effective when they are correctly used. An open or weak password or unencrypted link can cause security loopholes and opportunities for potential intruders. For network links in general and direct Internet connections in particular, you should carefully consider and implement the following:

Ensure that encryption is enabled.

By local configuration menu or global configuration page.

Ensure that you have selected secure passwords with at least 8 characters and a mixture of upper and lower case and numeric characters.

By global configuration page.

Reserve the admin password for administration use only and use a non- admin user profile for day-to-day access.

Use the latest Secure VNC viewer (this has more in-built security than is available with the Java viewer). To download the viewer.

Use non-standard port numbers.

Restrict the range of IP addresses that are allowed to access the AdderView CATxIP 5000 to only those that you will need to use. To restrict IP access.

Do NOT Force VNC protocol 3.3.

Ensure that the computer accessing the AdderView CATxIP 5000 is clean of viruses and spyware and has up-to-date firewall and anti-virus software loaded that is appropriately configured.

Avoid accessing the AdderView CATxIP 5000 from public computers.

Security can be further improved by using the following suggestions:

Place the AdderView CATxIP 5000 behind a firewall and use the port numbers to route the VNC network traffic to an internal IP address.

Review the activity log from time to time to check for unauthorised use.

Lock your server consoles after they have been used.

A security white paper that gives further details is available upon request from Adder Technology Limited.

Ports

In this configuration there should be no constraints on the port numbers because the AdderView CATxIP 5000 will probably be the only device at that IP address. Therefore, maintain the HTTP port as 80 and the VNC port as 5900.

Addressing

When the AdderView CATxIP 5000 is situated alongside the firewall, it will require a public static IP address (i.e. one provided by your Internet service provider).

More addressing information:

Discover DHCP-allocated addresses

DNS addressing

   



28

Page 28 Page 30
Image 29
Page 28 Page 30
Contents AdderView CATxIP Contents Further information Index Many computers CAM formatsEnterprise installations Creating larger installationsCascade installations AdderView CATxIP 5000 features front and rear   What’s in the boxWhat you may additionally need Double unit rack brackets MountingSingle unit rack brackets    ConnectionsTo connect the local user port Local userAdderView CATxIP Rear panel From video monitor From USB keyboard and mouseAdderView CATxIP Front panel Global users IP network portTo connect the IP network port for global users To connect a computer system Computer system via CAMOutput lead from Power adapter Power in connectionTo connect the power supply Switch Power control portTo connect and address the switch boxes Multiple video head connections Cable from serial Control device Remote switching controlHost computer port/channel Overall initial configuration ConfigurationInitial configuration Menu layout Main menuHotkeys SecurityTo enable general security General security and configuration stepsTo set an Admin password Registering users and host computersTo clear a password and restore factory default settings What to do if the Admin password has been forgottenTo clear IP access control Clearing IP access controlWhat is IP access control? To configure the unit from a global user location Full configuration by global userViewer encryption settings Encryption settingsAdderView CATxIP 5000 encryption settings Positioning AdderView CATxIP 5000 in the network Networking issuesPlacing AdderView CATxIP 5000 behind a router or firewall Port settingsAddressing Firewall/router addressDNS addressing To discover a DHCP-allocated IP addressPorts Placing AdderView CATxIP 5000 alongside the firewallEnsuring sufficient security Power control sequences Power switching configurationTo configure the power sequences for each host computer To control two or more ports simultaneouslyTo upgrade AdderView CATxIP 5000 models Recovering from a failed upgradeTo invoke backup/recovery mode Upgrading AdderView CATxIP 5000 modelsFront panel indicators Accessing the AdderView CATxIPSelecting a computer Local user accessWhen choosing To select a computer using the Select Host menuStandard hotkeys Select Host menu here you can select computers by nameLogging in and out Show All UsersUser preferences and functions To enable/disable the confirmation boxConfirmation status box Orange dot indicators in the Select Host menu How do multiple users coexist? Global user accessWhat will I see when I first login? To access via the VNC viewer Global user access via VNC viewerTo download the VNC viewer Options buttonTo access via your web browser Global user access via web browserMenu bar Using the viewer windowWhen using the viewer window Mouse pointers ConfigureHost selection To select a hostPower switching Access mode shared/privateAuto calibrate Re-synchronise mouseControls When entering codes Enable Sun TranslationVideo Settings Keyboard ControlIncreased by 50% when a slow link is detected Using automatic configurationsSetting the Threshold manually Screen contains only host system informationShow All Users Advanced Video SettingsCustom Video Modes Reduced BlankingVNC hotkey selection Supported web browsers Viewer encryption settingsIf you need to enter a port number When logging on using VNC viewer, I cannot enter a username TroubleshootingGetting assistance US +1 888 275To access the local setup menus Appendix 1 Local setup menusRestore Standard Mouse Power ControlRestore Intellimouse FunctionsSettings Disabled, Enabled Settings Blank, Moving LogoUser Preferences Screen SaverUser Timeout Mouse SwitchingGlobal Preferences OSD Dwell TimeAuto Logout Setup OptionsLogon Security IP admin password, encryption settings, etc ConfigurationCompletely resets the AdderView CATxIP 5000 unit IP address, net mask, VNC port, etcUnit Configuration Network Configuration Settings Power Control, Sync Units Serial ConfigurationSettings 1200, 2400, 4800, 9600, 19200, 38400, 57600 Options PortTo reset the AdderView CATxIP 5000 configuration Reset ConfigurationMain configuration Logged on users Appendix 2 Configuration pages via viewerTo access the remote configuration pages User accounts Unit configuration Advanced unit configuration Time & date configuration IP Access Control Network configurationIP Network Mask IP GatewayTo define a new IP access control entry Setting IP access controlTo reorder access control entries To edit/remove access control entriesBaud Rate Serial port configurationOptions Port Use Erase Host Configuration Host configurationAdd entry for unrecognised host SortTo copy and paste the log Logging and statusSyslog Server IP Address For further details To get hereLdap configuration Colour/Encoding Appendix 3 VNC viewer connection optionsAuto select Preferred encodingDisable all inputs view-only mode Enable all inputsInputs CustomiseMisc No Scaling ScalingScale to Window Size Custom SizeDefaults Save Defaults ReloadIdentities Load / SaveAppendix 4 VNC viewer window options Security Appendix 5 Browser viewer optionsEncoding and colour level Net masks Appendix 6 Addresses, masks and portsIP addresses Operation with net mask Net masks the binary explanationBinary equivalent Binary octet afterSingle locations Calculating the mask for IP access controlAll locations Address rangesPorts Security issues with portsCascade tree Appendix 7 Cascading multiple unitsSee also To connect units in cascade Connecting units in cascadeTips for successful cascading Addressing computers in a cascade Using cascaded computersAdderView CATxIP 5000 to power switch cable Appendix 8 Cable and connector specificationsPower switch to power switch daisy chain cable Multi-head synchronisation cableCreating macro sequences Appendix 9 Hotkey sequence codesPermissible key presses Appendix 10 Supported video modes General Public License Linux WarrantySafety information End user licence agreement European EMC directive 89/336/EEC Radio Frequency EnergyFCC Compliance Statement United States Canadian Department of Communications RFI statementHoe Huat Industrial Building Index Options port Upgrade failure Connection Baud rate
Top Page Image Contents