Table of Contents
Advertisement
For details, refer to Section 4.14, User Management – Mange User Accounts, Radius
Accounting and Remote Authentications.
You don't have to reboot each time when you finish uploading one certificates. You could do one
complete reboot at the end when you finish uploading all of them. To return to the previous Security page
for uploading another certificate just click its hyperlink on the left frame of the browser window.
Viewer Security Connection Level :
TK-IP101 offers three levels of security for viewer connection. On the drop-down
combo box, you can just choose either one of the three viewer security levels as
appropriate to your real demands on viewer connection security:
Level 1 - No SSL encryption, no SSL authentication
Level 2 - 256-bit encryption, server authentication by client
Level 3 - 256-bit encryption, full authentication (requires the installation of certificates)
Level 1 uses No SSL data encryption and No authentication. This is the most straightforward
setting that opens most convenience if there are no security concerns at all. Anyone who have
a viewer and internet connection could easily connect to TK-IP101 as long as the user passes
the policy requests.
Level 2 uses SSL encryption for viewer connection, but only requires server-side
authentication by viewer client. That is, remote users who want to make viewer connections
are not require to install certificates on their client computers. However, the viewer connection
is encrypted with 256-bit SSL technology to ensure any data contents transmitted via the
viewer connection is protected, including keyboard, mouse and video signals.
Level 3 uses 256-bit encryption as well a bi-directional PKI authentication between TK-IP101
server and viewer client. With this level of setting, all remote users who want to make viewer
connection at all, should require installation of a proper client certificate, which is signed by
the same private key of the CA that issues the root.crt and server.crt of TK-IP101.
There are altogether nine possible combinations of Viewer Security Levels + Password Policies that are
available for a flexibility to adapt to your security needs.
TK-IP101 server password : Here you should enter the password that has encrypted
the server private key in the server private key file, serverkey.pem. You should
enter the correct server password here in order to make successful viewer
connection with TK-IP101 in level 3 security setting - 256-bit encryption, full
authentication (requires the installation of certificates).
By default, the server private key is serverpwd, if you use the standard set of
certificates provided on the Support CD ROM disc.
However, if you use your own set of certificates, you should get the correct server
password from the Certificate Authority that issues those certificates.
User Password Policy :
TK-IP101 offers three types of password policies On the drop-down combo box, you
can select your password policy for viewer connections:
No Password
Global Password
User Password
-
-
81
Advertisement
Table of Contents
