APC Battery Management System - page 128

®

USER’S GUIDE

Battery Management System

121

– This method does not include the browser-based authentication

provided by a CA certificate (a certificate signed by a Certificate

Authority) as Methods 2 and 3 provide. There is no CA Certificate

cached in the browser. Therefore, whenever you log on to the

Battery Management System, the browser generates a security

alert, indicating that a certificate signed by a trusted authority is not

available and asking if you want to proceed.

– The default server certificate on the Battery Management System

has the Management Card’s serial number in place of a valid

common name (the DNS name or the IP address of the

Management Card). Therefore, although the Battery Management

System can control access to its Web interface by user name,

password, and account type (e.g., Administrator, Device Manager,

or Read-Only User), the browser cannot authenticate what master

controller’s Management Card is sending or receiving data.

– The length of the public key (RSA key) that is used for encryption

when setting up an SSL session is only 768 bits. (The public key

used in Methods 2 and 3 is 1024 bits, providing more complex

encryption and consequently a higher level of security.)

Contents

Main Contents Features of the System Getting Started Accessing the User Interfaces Battery Management Network Menu System Menu Event-related Menus Data Logging (Web interface) Boot Mode Security Using the APC Security Wizard How to Export Configuration Settings APC Device IP Configuration Wizard File Transfers Alarms Troubleshooting Product Information Index Features of the System Battery Management Capabilities System capacity Battery management features Network Management Features Supported network management applications Supported Web browsers Getting Started Initial Setup Configuring TCP/IP settings Useful terms Accessing the User Interfaces Access Procedures Access priorities among the interfaces Access priority for logging on Web i nterf ace Control console interface Structure. Local access to the control console. Teln et. Logging on. SNMP interface Password-protected Accounts Account types and access How to recover from a lost password Page Wat ch do g F eatures Network interface watchdog mechanism Resetting the network timer Battery Management Main Screen General system information Information displayed in both interfaces. Information displayed in the control console only. Battery System and Device Manager Menus Displaying data and alarms Web in terfac e. Control console. Viewing details on alarms Web interface example. Control console example. Interpreting alarm details Environment alarms. Charger alarms. Battery alarms. Management Controller alarms. Page Configuration menu Battery Type Selection. Battery Configuration. Temperature Configuration. Alarm Configuration. Calibration menu String. Unit. Modbus Reset Discharge Voltages Reset Lowest Discharge Voltages (control console). Reset Lowest Discharge Voltages (Web interface). Reset Charge Current Deviation Benchmark Reset Charge Current Deviation Benchmark (control console). The Network Menu Access Restrictions and Menu Options Access Option Settings TCP/IP Current TCP/IP settings fields. Boot mode setting. Advanced settings. Page DNS Send DNS Query (Web interface). Ping utility (control console) FTP S erv er Telnet/SSH Page Page Page Page SSH User Host Key File Page SNMP Email Syslog Syslog settings. Page Syslog test (Web interface). Syslog message format. Web/SSL Page Page Page SSL Server Configuration Page Page Expires on Page System Menu Access Restrictions and Menu Options Purpose and access Page Option Settings User Manager Use this option to define the access values shared by the control console and Web interface. RADIUS Page Configuring the RADIUS server. Identification Date & Time Set Manually. . Page Too ls Initiating an action. Uploading an initialization file (Web interface only). File Transfer (control console only). Preferences (Web interface) Links (Web interface) Use this option to modify the links to APC Web pages. About System (control console) Event-related Menus Page Event Log Logged events Accessing the log How to use FTP or SCP to retrieve log files To use SCP to retrieve the file. To use FTP to retrieve the file. Page Actions Option (Web interface only) Enabling and disabling event actions Severity levels of events Event Log action SNMP Tra ps ac tion Email action Related topics Recipients Option Tra p Rec eive rs Email Recipients Email Test Email Option Requirements for using SMTP DNS servers SMTP settings How to Configure Individual Events Options to configure individual events Event list access Event list format Event mask settings Bits 0 to 3. Bit 4 and bits 6 to 9. event: and trap receivers for the event: Bits 10 to 13. Event mask example Management Card and Battery Manager Events Event generation Discharge cycle counter Severity levels defined Management Card events Page Page Battery Management System events Page Data Logging (Web interface) Description Page Boot Mode DHCP & BOOTP boot process Page DHCP Configuration Settings Management Card settings Page DHCP response options Vendor Specific Information (option 43). Page TCP/IP options. Other options. Security Security Features Planning and implementing security features Summary of access methods Serial control console. Remote control console. SNMP. File transfer protocols. Web Se rver. Changing default user names and passwords immediately Port assignments User names, passwords, community names (SNMP) Authentication Authentication versus encryption Encryption Secure SHell (SSH) and Secure CoPy (SCP) Page Secure Sockets Layer (SSL) Page Creating and Installing Digital Certificates Purpose Choosing a method for your system Method 1: Use the Battery Management Systems auto-generated default certificate. Page Method 2: Use the APC Security Wizard to create a CA certificate and a server certificate. Page Page Page Firewalls Battery Management SystemBattery Using the APC Security Wizard Overview Authentication How certificates are used. How SSH host keys are used. Files you create for SSL and SSH security Page Create a Root Certificate & Server Certificates Create the CA root certificate. Load the CA root certificate to your browser. Create an SSL Server User Certificate. Page Page Create a Server Certificate and Signing Request Create the Certificate Signing Request (CSR). Page Import the signed certificate. Load the server certificate to the Management Card. Create an SSH Host Key Create the host key. Page Load the host key to the Management Card on the Battery Management System master controller. How to Export Configuration Settin gs Retrieving and Exporting the .ini file Summary of the procedure Contents of the .ini file Detailed procedures Retrieving. Customizing. Exporting the file to a single Battery Management System Management Card. Exporting the file to multiple Battery Management System Management Cards. The event and its error messages Messages in config.ini Errors generated by overridden values Page APC Device IP Configuration Wizard Purpose and Requirements Purpose: configure basic TCP/IP settings System requirements Page Use the Wizard Launch the Wizard Configure the basic TCP/IP settings remotely Prepare to configure the settings. Run the Wizard to perform the configuration. Configure or reconfigure the TCP/IP settings locally File Transfers Upgrading Firmware Firmware defined Benefits of upgrading firmware Obtain the latest firmware version Firmware files (Battery Management System) Firmware file transfer methods Use FTP or SCP to upgrade one Battery Management System Management Card Page Page Use FTP or SCP to upgrade multiple Battery Management System Management Cards Use XMODEM to upgrade one Battery Management System Management Card Page Verifying Upgrades and Updates Last Transfer Result codes Alarms Fault Alarm Criteria Alarm Relay and LED Operation Troubleshooting Management Card Access problems (Battery Management System Management Card) Page SNMP issues (Battery Management System Management Card) Product Information Warranty and Service Limited warranty Warranty limitations Obtaining service (service contracts) Life-Support Policy General policy Examples of life-support devices Index A B C D E F G H I J N O P R S T U V W X APC Worldwide Customer Support Copyright 990-1824A 02/2005