Specifications

NetLinx Security within the Web Server

NetLinx Security - Web Server

NetLinx Security within the Web Server

NetLinx Masters (installed with firmware build 300 or higher) incorporate new built-in security

for: HTTPS and Terminal sessions (enhanced with SSL and SSH respectively), ICSP data

verification/encryption, and Server Port configuration. By using both SSL certificate verification

and encryption over a secured HTTP (HTTPS) connection; this version of NetLinx firmware

provides users with a more convenient web-based method of securing both the Master and its data

communications. Additional features in this release are the use of both authentication protocols and

the ability to perform online NetLinx Diagnostics via the web server.

Terminal setup and security configuration is still valid and supported in this build of the

NetLinx Master firmware.

This NetLinx Web Server is used to power Master security, data encryption, and SSL certificate/

encryption features on current AMX Masters such as the ME260/64 and NI-Series of Controllers.

This web server not only provides username and password security for the target Master, but also a

new level of secure encryption for ICSP data communication among the various AMX software and

hardware components. New security features for the Masters include:

 Enhanced Username and Password requirements

 HTTPS and SSL certificate interaction

 Use of a pre-installed AMX SSL certificate

 ICSP communication and encryption

The first layer of security for the Master is to prompt a user to enter a valid username and password

before gaining access to a secured feature on the target Master. This data is pre-configured by the

administrator within the Group and User Level pages of the Security section. If an option is

enabled within the System Security page, a user is prompted to enter a valid username and

password before gaining access to the corresponding feature. This access is only granted if their

information matches a previously created profile assigned sufficient rights for that action. An

already logged in user can enter a new profile by using the Login field to enter a new profile’s

username and profile.

 This username and password information is also used by both G4 touch panels (within the

System Connection firmware page) and AMX software applications such as NetLinx

Studio v 2.4 (via the Master Communications dialog) to communicate securely with a

Master using encrypted communication.

The second layer of security uses a combination of secure HTTP (HTTPS) communication and SSL

encryption to secure data being transferred from the web server application and the target Master.

After the installation of build 300 or higher to your Master, Telnet security configuration access is

disabled and the Master becomes capable of communicating via an HTTPS connection. This new

build migrates the NetLinx Master security setup from a TELNET environment to a secure

web-based application.

If your Master is using a lower firmware version, please review the related product documentation

located within the Archived Manuals section of the AMX Technical Publications support page.