Security; User Authentication & Authorisation; User Management; User Class - GE Digital Energy 1018959 Operating Manual

Digital energy snmp / web adapter
Hide thumbs Also See for Digital Energy 1018959:
Table of Contents

Advertisement

8

SECURITY

As any other device connected to a network, the adapters are exposed to security threats. This section
details the advanced security features provided by the SNMP/Web adapters. Users should use the
information provided in this section to correctly configure the cards and implement all security features
deemed appropriate to the installation environment.
8.1
USER AUTHENTICATION & AUTHORISATION
In this context, authentication means establishing the digital identity of anyone attempting to access
the adapters though one of the available interfaces. Most of the supported protocols implement a
username/password pair as a mean for user identification.
This is different from authorisation, which means verifying whether a user is allowed to have access to
data or specific services.
The SNMP/Web adapters allow making full use of both protection mechanisms.

8.1.1 User Management

The adapters come with a predefined supervisor user, whose default username and password are ge
and ge. New users can then be created using either the console or the web interface.
NOTE Only the supervisor user can create new users.
To create a new user, the following information shall be specified:
Username / password
User class (access rights)
Available services

8.1.2 User class

Users are divided in three separate classes based on access rights.
Supervisor
Read/write access
(rw)
Read-only access
(ro)

8.1.3 Selective service activation

The SNMP/Web adapters allow selective service activation – that is, the various interfaces can be
enabled on a user basis. For each user, access to the following services can be enabled:
http
Web interface
telnet
Remote console interface
ftp
File transfer
Modifications reserved
OPM_CNT_SNM_BAS_CRD_1GB_V014.doc
Predefined user; it can be renamed but not deleted; it cannot be created
(only one supervisor user is allowed).
This user has all access rights. It is the only user who can perform user
management (creation/deletion of users).
Access with read/write rights. Can access and modify all setting with the
exception of user management.
These access rights should be restricted to professional users (e.g. Network
Administrators).
Access only for reading. Can access most settings but cannot modify them.
Most users are expected to be created with this profile.
Controls access with HTTP and HTTPS protocols
Controls access with Telnet and SSH (Secure SHell) protocols
Controls access with FTP and SFTP (Secure FTP) protocols
Page 54/69
Operating Manual SNMP/Web Adapter

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents