User's Manual
Table Of Contents
- Part A – Preface
- Safety Information
- Revision History
- Important Information
- Compliance Information
- Part B – Feature Overview
- Introduction
- Features and Benefits
- Q Data Radio Range
- Part C – System Topologies & Operating Modes
- System Topologies
- Operating Modes
- Part D – Feature Detail
- Hardware
- Efficiency and Bandwidth
- Connectivity
- Ease of Use
- Security
- Part E – Radio Planning and Design
- Radio Path analysis
- BER & Fade Margin
- Radio Accessories
- RF Feeders and Protection
- Part F – Quick Reference Guide
- Introduction
- Half Duplex Radio - QR450
- Full Duplex Radio - QB450
- Hot Standby Half Duplex Radio - QP450
- Hot Standby Full Duplex Radio - QH450
- LED indicators
- Connecting Antennas
- Communication Ports
- Activating Transmitter
- Factory Default
- Digital I/O
- Connecting to Web User Interface (WUI)
- Resolving Ethernet Connection Issues
- Part G– Quick Start Guide
- Step-by-Step Point to Point Setup
- Step-by-Step eDiags Setup
- System Topology Configuration
- Serial and MODBUS
- Single Frequency (Simplex) Mode
- E-Series Emulation Mode
- Part H – Advanced
- Connectivity
- Ease of Use
- Security
- Part I – Installation & Commissioning
- Optimising the Antenna for Rx Signal
- Commissioning
- Part J – Firmware Updating and Maintenance
- Firmware Updating
- Global Firmware Updating
- Fuse Replacement - QR450
- Part K – Open Source License Acknowledgements
- Part L – Support Options
39
Document Number: 0100SM1401 Issue: 05-15
Unsecured Network
• SSH will help to prevent “man in the
middle” attacks over Insecure networks.
• All traffic between the client and TUI is
encrypted.
Network Management PC
• Running SSH client software (i.e. Putty) which
authenticates with the SSH server (i.e. remote
radio).
• Authentication occurs by comparing device
fingerprint with fingerprint stored in client’s register.
• Once the SSH server is authenticated, the SSH
client will establish an encrypted terminal session
with the TUI (Text User Interface) that allows for
configuration and diagnostics.
Remote Devices
• Embedded Secure Shell (SSH) server provides
access to the text user interface.
• Encryption will be used to communicate with an
SSH client during a configuration session.
• Once an SSH client has established a session to
the SSH server, the client will not be granted access
to the configuration until the pre-configured user
name and password has been entered.
Secure Shell (SSH)
SSH provides a secure and authenticated method for remotely accessing the Q data radios text user interface (TUI) for
configuration and diagnostics.
To access Q data radios via SSH, the network management PC requires an SSH-capable program (ie: Putty).
All traffic over the SSH connection is encrypted.
During the first connection to the SSH terminal software, a “fingerprint” of the remote device is taken and stored on the
Network Management PC. This allows for authentication in the future.
The SSH session also requires the user to enter a user name and password for authorised access to the TUI.
SSH example:
Security
Password Protection
Configuration information can be protected by a user-defined login name and password. When a password is set, the
programmer will request the password each time the radio is read. No configuration information can be displayed or changed
without the entry of the correct password.
AES encryption
The 256-bit AES encryption feature can provide an encrypted channel that helps to prevent eaves-dropping and snooping.
The effort for configuration is minimal as the radio automatically adjusts, to keep packet transport compatible (i.e.: MODBUS
messages are not broken up). Enabling encryption requires additional overhead depending on packet sizes being sent.
Part D – Feature Detail