NetLinx Security within the Web Server

NetLinx Security Terms

The following table lists some commonly used NetLinx Security terms:

NetLinx Security Terms

User

A user is a single potential client of the NetLinx Master.

 

 

Administrator

An administrator has privileges to modify existing NetLinx Master access

 

groups, users, and their rights. The administrator can also assign NetLinx

 

communication access rights for different users or groups (ex: Telnet and

 

HTTP access) and configure the Master’s SSL server certificate.

 

 

Group

A group is a logical collection of users. Note that any properties possessed by

 

a group (ex: access rights, directory associations, etc.) are inherited by all

 

members of that group.

 

 

Username

A username is a valid character string (4 - 20 alpha-numeric characters)

 

defining the user. This string is case sensitive and each username must be

 

unique.

 

 

Group name

A group name is a valid character string (4 - 20 alpha-numeric characters)

 

defining the group. This string is case sensitive and each group name must

 

be unique.

 

 

Password

A password is a valid character string (4 - 20 alpha-numeric characters) to

 

supplement the username in defining the potential client. This string is also

 

case sensitive.

 

 

Access Rights

Each of the NetLinx Master’s features has pre-defined security procedures.

 

The access right for a particular feature determines if a user or group has

 

access to that feature by entering a valid username and password.

 

 

The maximum length of a username or password is 20 characters. The minimum length of a username or password is four characters. Characters such as # (pound)

&(ampersand) and ’ " (single and double quotes) are invalid and should not be used in usernames, group names, or passwords.

Accessing an Unsecured Master via an HTTP Address

Refer to theUpgrading the On-board Master Firmware via an IP section on page 29 for more detailed information on how to download the latest firmware from www.amx.com. This firmware build enables SSL certificate identification and encryption, HTTPS communication, ICSP data encryption, and disables the ability to alter the Master security properties via a TELNET session.

Although Telnet security configuration access can no longer be used on a Master with this firmware, a Terminal connection (using HyperTerminal) can still be established using the Master’s USB low-speed connection (if the Telnet Port is enabled via the Manage System > Server page).

Once the Master’s IP Address has been set through NetLinx Studio version 2.4 or higher:

1.Launch your web browser.

2.Enter the IP Address of the target Master (ex: http://198.198.99.99) into the web browser’s Address field.

3.Press the Enter key on your keyboard to begin the communication process between the target Master and your computer.

Initially, the Master Security option is disabled (from within the System Security page) and no username and password is required for access or configuration.

Both HTTP and HTTPS Ports are enabled by default (via the Manage System > Server page).

4.The first active page displayed within your open browser page is Manage WebControl Connections.

Once HTTP Access is enabled for a Master; certificate verification and username and password verification must occur. Refer to theAccessing an SSL-Enabled Master via an IP Address section on page 92 for more information.

34

NI-3101-SIG Signature Series NetLinx Integrated Controller

Page 43 Page 45
Page 44
Image 44
AMX NI-3101-SIG manual NetLinx Security Terms, Accessing an Unsecured Master via an Http Address, Members of that group
Page 43 Page 45
Top Page Image Contents