1. Manuals
  2. Brands
  3. Acuity Controls Manuals
  4. Controller
  5. nLight ECLYPSE
  6. User manual

Fips 140-2 Mode; Use A Different Account For Each User; Use Unique Service Type Accounts For Each Project; Disable Known Accounts When Possible - Acuity Controls nLight ECLYPSE User Manual

Hide thumbs Also See for nLight ECLYPSE:
Table of Contents

Advertisement

Securing an ECLYPSE Controller

FIPS 140-2 Mode

Enabling FIPS 140-2 mode has an effect on account management and permissions. Once FIPS 140-2 mode is enabled,
several controller settings are reset. Therefore, it is best to enable FIPS 140-2 mode before creating accounts and assign-
ing permissions. See
FIPS 140-2
Mode.

Use a Different Account for Each User

Each user account should represent an individual user. Multiple users or user groups should not share an account.
Suspending an account shuts-off a single user's access to the controller – it does not disrupt many users.
Permissions can be tailored to the needs of each user. A shared account may have more permissions than all users
should have.
A shared account has a shared password which is more likely to be leaked.
It is harder to implement password expiration requirements.

Use Unique Service Type Accounts for Each Project

System integrators should use different credentials for each job they do. Should an attacker gain access to one system,
they cannot readily access all systems installed by the same system integrator.

Disable Known Accounts When Possible

Create a new user admin account with new credentials. It is easier to attack the default admin account when an attacker
only has to guess the password.

Assign the Minimum Required Permissions

When creating a new user account, give that account only the minimum rights to access or modify the system needed for
that user.

Use Minimum Possible Number of Admin Users

A compromised admin account can be disastrous as it allows complete access to everything. Only give a user admin privi-
leges only when absolutely necessary.

HTTPS Certificates

HTTPS is a protocol which encrypts HTTP requests and their responses. This ensures that if someone were able to com-
promise the network, they would not be able to listen in or tamper with the communications.
Make sure that HTTPS is enabled. For more information on how to enable HTTPS, see
Web Server
Access.

Certificates

Generate and install a trusted SSL certificate. Refer to
Web Server Access
for information on how to import a custom certifi-
cate.

Additional Measures

Update the Controller's Firmware to the Latest Release

Always keep the ECLYPSE controller's firmware up-to-date. The most recent firmware has the latest bug fixes, security
updates, and stability enhancements.
nLight ECLYPSE
89
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the nLight ECLYPSE and is the answer not in the manual?

Questions and answers

Related Manuals for Acuity Controls nLight ECLYPSE

Related Products for Acuity Controls nLight ECLYPSE

Table of Contents

Save PDF