User guide

ManualsBrandsADDER ManualsComputer equipmentAdderView CATx EPS-S8

 









Placing AdderView CATxIP 5000 alongside the ﬁrewall

The AdderView CATxIP 5000 is built from the ground-up to be secure. It

employs a sophisticated 128bit public/private key system that has been

rigorously analysed and found to be highly secure. Therefore, you can position

the AdderView CATxIP 5000 alongside the ﬁrewall and control hosts that are

also IP connected within the local network.

IMPORTANT: If you make the AdderView CATxIP 5000 accessible from the public

Internet, care should be taken to ensure that the maximum security available

is activated. You are strongly advised to enable encryption and use a strong

password. Security may be further improved by restricting client IP addresses,

using a non-standard port number for access.

Ensuring sufﬁcient security

The security capabilities offered by the AdderView CATxIP 5000 are only

truly effective when they are correctly used. An open or weak password or

unencrypted link can cause security loopholes and opportunities for potential

intruders. For network links in general and direct Internet connections in

particular, you should carefully consider and implement the following:

• Ensurethatencryptionisenabled.

By local conﬁguration menu or global conﬁguration page.

• Ensurethatyouhaveselectedsecurepasswordswithatleast8characters

and a mixture of upper and lower case and numeric characters.

By global conﬁguration page.

• Reservetheadminpasswordforadministrationuseonlyanduseanon-

admin user proﬁle for day-to-day access.

• UsethelatestSecureVNCviewer(thishasmorein-builtsecuritythanis

available with the Java viewer). To download the viewer.

• Usenon-standardport numbers.

• RestricttherangeofIPaddressesthatareallowedtoaccesstheAdderView

CATxIP 5000 to only those that you will need to use. To restrict IP access.

• DoNOTForceVNCprotocol3.3.

• EnsurethatthecomputeraccessingtheAdderViewCATxIP5000isclean

of viruses and spyware and has up-to-date ﬁrewall and anti-virus software

loaded that is appropriately conﬁgured.

• AvoidaccessingtheAdderViewCATxIP5000frompubliccomputers.

Security can be further improved by using the following suggestions:

• PlacetheAdderViewCATxIP5000behindarewallandusetheport

numbers to route the VNC network trafﬁc to an internal IP address.

• Reviewtheactivitylogfromtimetotimetocheckforunauthoriseduse.

• Lockyourserverconsolesaftertheyhavebeenused.

A security white paper that gives further details is available upon request from

Adder Technology Limited.

Ports

In this conﬁguration there should be no constraints on the port numbers

because the AdderView CATxIP 5000 will probably be the only device at that IP

address. Therefore, maintain the HTTP port as 80 and the VNC port as 5900.

Addressing

When the AdderView CATxIP 5000 is situated alongside the ﬁrewall, it will

require a public static IP address (i.e. one provided by your Internet service

provider).

More addressing information:

Discover DHCP-allocated addresses

DNS addressing