Manuals / APC / Computer Equipment / Network Card

APC AP9312THi manual Security, Authentication

Models: AP9312TH AP9312THi

1 32

Download 32 pages 51.2 Kb

Page 30

Security

Authentication

Authentication	The Environmental Monitoring Unit controls access by providing basic
versus encryption	authentication through user names, passwords, and IP addresses, but
	provides no type of encryption. These basic security features are
	sufficient for most environments, in which sensitive data is not being
	transferred. To ensure that data and communication between the
	Environmental Monitoring Unit and the client interfaces, such as Telnet
	and the Web browser, cannot be captured, you can provide a greater
	level of security by enabling MD5 authentication for the Web interface.
	See MD5 authentication (Web interface) on this page.
MD5	The Web interface option for MD5 authentication enables a higher level
authentication	of access security than the basic HTTP authentication scheme. The
(Web interface)	MD5 scheme is similar to CHAP and PAP remote access protocols.
	Enabling MD5 implements the following security features:
	• The Web server requests a user name and a password phrase
	(distinct from the password). The user name and password
	phrase are not transmitted over the network, as they are in
	basic authentication. Instead, a Java login applet combines the
	user name, password phrase, and a unique session challenge
	number to calculate an MD5 hash number. Only the hash
	number is returned to the server to verify that the user has the
	correct login information; MD5 authentication does not reveal
	the login information.
	• In addition to the login authentication, each form post for
	configuration or control operations is authenticated with a
	unique challenge and hash response.
	• After the authentication login, subsequent page access is
	restricted by IP addresses and a hidden session cookie. (You
	must have cookies enabled in your browser.) Pages are
	transmitted in their plain-text form, with no encryption.
	If you use MD5 authentication, which is available only for the Web
	interface, disable the less secure interfaces, including Telnet, FTP, and
	SNMP. For SNMP, you can disable write-only access so that read
	access and trap facilities are still available. For additional information on
	MD5 authentication, see RFC document #1321 at the Web site of the
	Internet Engineering Task Force. For CHAP, see RFC document #1994.
Firewalls	Although MD5 authentication provides a much higher level of security
	than the plain-text access methods, complete protection from security
	breaches is almost impossible to achieve. Well-configured firewalls are
	an essential element in an overall security scheme.
	Continued on next page

Environmental Monitoring Unit: User’s Guide

26

Image 30

APC AP9312THi manual Security, Authentication

Contents

Environmental Monitoring Unit Contents Environmental Monitoring UnitContents Security Features AuthenticationManaging the Unit IntroductionManaging the Unit LEDs and the Reset ButtonReset button and two LEDs are on the front panel Environmental Monitoring UnitWeb Interface By default, for both Control ConsoleNavigating the menus Menus Password-Protected User AccountsAccount access to Management Account TypeMenu Items This section provides information on the following menusEnvironmental Monitoring Temperature and humidity sensed by up to two probesMenu Items PurposeStatus firmware ConfigurationStatus contacts Status section also reports the firmware versionEvents Event To delete the Event Log, type del event.txt. FTP confirmsDeletion Option on the Network menu insteadNetwork Network menu provides access to the configurable networkSettings For the Tftp and FTP Client and FTP ServerTelnet/Web TelnetWeb Snmp Email Control Console onlyEvents menu instead Menu But the Device Manager can configure only the EnvironmentalSystem User ManagerValues. The following items are configurable IdentificationDate/Time Display the current transfer settings File TransferTools Configure the User LinksConfigure the APC Links Links WebHelp Configuring and Using Email Notification Configuring Email RecipientsConfiguring and Using Email Notification Configuring Smtp and DNS SettingsManaging the Unit with Snmp Snmp InterfaceManaging the Unit with Snmp Using the OIDsUse the read-only mUpsEnviron OIDs to view temperature Humidity valuesSecurity Features SecurityAuthentication SecurityInterface Security Access MethodsAPC Worldwide Customer Support