Table of Contents
Advertisement
Placing AdderView CATxIP 5000 alongside the firewall
The AdderView CATxIP 5000 is built from the ground-up to be secure. It
employs a sophisticated 128bit public/private key system that has been
rigorously analysed and found to be highly secure. Therefore, you can position
the AdderView CATxIP 5000 alongside the firewall and control hosts that are
also IP connected within the local network.
IMPORTANT: If you make the AdderView CATxIP 5000 accessible from the public
Internet, care should be taken to ensure that the maximum security available
is activated. You are strongly advised to enable encryption and use a strong
password. Security may be further improved by restricting client IP addresses,
using a non-standard port number for access.
Ensuring sufficient security
The security capabilities offered by the AdderView CATxIP 5000 are only
truly effective when they are correctly used. An open or weak password or
unencrypted link can cause security loopholes and opportunities for potential
intruders. For network links in general and direct Internet connections in
particular, you should carefully consider and implement the following:
• Ensure that encryption is enabled.
local configuration menu
By
or
• Ensure that you have selected secure passwords with at least 8 characters
and a mixture of upper and lower case and numeric characters.
By
global configuration
page.
• Reserve the admin password for administration use only and use a non-
admin user profile for day-to-day access.
• Use the latest Secure VNC viewer (this has more in-built security than is
available with the Java viewer). To
• Use non-standard
port
numbers.
• Restrict the range of IP addresses that are allowed to access the AdderView
CATxIP 5000 to only those that you will need to use. To
• Do NOT Force VNC protocol 3.3.
• Ensure that the computer accessing the AdderView CATxIP 5000 is clean
of viruses and spyware and has up-to-date firewall and anti-virus software
loaded that is appropriately configured.
• Avoid accessing the AdderView CATxIP 5000 from public computers.
global configuration
page.
download the
viewer.
restrict IP
access.
Security can be further improved by using the following suggestions:
• Place the AdderView CATxIP 5000 behind a firewall and use the port
numbers to route the VNC network traffic to an internal IP address.
• Review the activity log from time to time to check for unauthorised use.
• Lock your server consoles after they have been used.
A security white paper that gives further details is available upon request from
Adder Technology Limited.
Ports
In this configuration there should be no constraints on the port numbers
because the AdderView CATxIP 5000 will probably be the only device at that IP
address. Therefore, maintain the HTTP port as 80 and the VNC port as 5900.
Addressing
When the AdderView CATxIP 5000 is situated alongside the firewall, it will
require a public static IP address (i.e. one provided by your Internet service
provider).
More addressing information:
Discover DHCP-allocated addresses
DNS addressing
29
Hide quick links:
Advertisement
Table of Contents
