Table of Contents
Advertisement
Placing SC5-4xIP alongside the firewall
The SC5-4xIP is built from the ground-up to be secure. It employs a sophisticated
128bit public/private key system that has been rigorously analysed and found to
be highly secure. Therefore, you can position the SC5-4xIP alongside the firewall
and control hosts that are also IP connected within the local network.
IMPORTANT: If you make the SC5-4xIP accessible from the public Internet, care
should be taken to ensure that the maximum security available is activated. You
are strongly advised to enable encryption and use a strong password. Security
may be further improved by restricting client IP addresses, using a non-standard
port number for access.
Ensuring sufficient security
The security capabilities offered by the SC5-4xIP are only truly effective when
they are correctly used. An open or weak password or unencrypted link can
cause security loopholes and opportunities for potential intruders. For network
links in general and direct Internet connections in particular, you should carefully
consider and implement the following:
• Ensure that encryption is enabled.
By
local configuration menu
or
• Ensure that you have selected secure passwords with at least 8 characters
and a mixture of upper and lower case and numeric characters.
global configuration
page.
By
• Reserve the admin password for administration use only and use a non-
admin user profile for day-to-day access.
• Use the latest Secure VNC viewer (this has more in-built security than is
available with the Java viewer). To
• Use non-standard
port
numbers.
• Restrict the range of IP addresses that are allowed to access the SC5-4xIP to
only those that you will need to use. To
• Do NOT Force VNC protocol 3.3.
• Ensure that the computer accessing the SC5-4xIP is clean of viruses and
spyware and has up-to-date firewall and anti-virus software loaded that is
appropriately configured.
• Avoid accessing the SC5-4xIP from public computers.
global configuration
page.
download the
viewer.
restrict IP
access.
Security can be further improved by using the following suggestions:
• Place the SC5-4xIP behind a firewall and use the port numbers to route the
VNC network traffic to an internal IP address.
• Review the activity log from time to time to check for unauthorised use.
• Lock your server consoles after they have been used.
A security white paper that gives further details is available upon request.
Ports
In this configuration there should be no constraints on the port numbers
because the SC5-4xIP will probably be the only device at that IP address.
Therefore, maintain the HTTP port as 80 and the VNC port as 5900.
Addressing
When the SC5-4xIP is situated alongside the firewall, it will require a public static
IP address (i.e. one provided by your Internet service provider).
More addressing information:
Discover DHCP-allocated addresses
DNS addressing
Advertisement
Table of Contents
