DX8100 SECURITY
INTERNET PROTOCOL SECURITY
The DX8100 features
IPSec is enabled by default on the DX8100; however a system administrator can disable the service if it is deemed necessary for the proper functioning of the unit.
WARNING: Disabling IPSec services will expose your DX8100 Series DVR to potentially damaging network traffic. It is highly recommended that IPSec is enabled at all times for the protection of your system.
To disable IPSec services on the DX8100 Series DVR:
1.Exit the DX8100 application if it is running, and return to the Windows operating system.
2.Go to Start > Programs > Manage IPSec Policy. The DX8100 IPSec Policy dialog box opens.
Figure 22. DX8100 IPSec Policy Dialog Box
3.Deselect the Enable DX8100 IPSec Policy check box. Reselect the Enable DX8100 IPSec Policy check box to
4.Click OK.
FIREWALLS
The DX8100 includes the Windows firewall that comes with Service Pack 2 for Windows XP. The security services provided by the Windows Firewall protects the DX8100 from unwanted or potentially damaging network requests. With the Windows Firewall and IPSec enabled, the DX8100 DVR will not respond to any unsecured communication across the network. However, there are potential risks to which you should be aware. The Windows Firewall does not block all ports. For a list of ports required for operation, refer to DX8100 Network Ports on page 19.
Pelco recommends that an external network firewall be used. The network firewall will provide additional protection for the DX8100. Regardless of which port or service is under attack, the port must be open or at least visible in order for the malicious program to exploit it. Firewalls filter and render all unneeded ports invisible, providing excellent protection against such attacks. Networked systems exposed in anyway to the outside world (for example, when connected to the Internet) should be equipped with
18 |
