User's Manual
64
Add users properly according to business and management needs, and allocate minimum
sets of permissions to them.
9. Turn off Unnecessary Services and Use Safe Modes
If not needed, SNMP, SMTP and UPnP can be turned off to reduce the risks for the
device.
If necessary, it is strongly recommended to use safe modes, including but not limited to:
SNMP: Select SNMP v3 and set a stronger encryption password and authentication
password.
SMTP: Select TLS to access to the email server.
FTP: Select SFTP and set a strong password.
AP hotspot: Select WPA2-PSK encryption mode and set a strong password.
10. Audio and Video Encrypted Transmission
If your audio/video data includes important or sensitive contents, use encrypted
transmission to make it more difficult for someone to steal your data.
11. Security Audit
Review online users: Do this from time to time to find out illegal login, if any.
Review device log: This gives you the IP data of a device trying to login and the critical
operation information of users already in the login status.
12. Network Log
Limited storage capacity of the device cannot store many logs for a long time. If you need
to save logs for long, enable online log to ensure key logs are synced to the online log
server for easy back tracking.
13. Building Safe Network Environment
To keep the device safer and reduce network risks, we recommend you to:
Turn off the port mapping of the router to prevent external networks from directly
accessing services of router intranet devices.
Divide network into different partitions as needed: If two subnetworks do not have to
establish communications, use VLAN or gatekeeper for network division.
Build up the 802.1x access authentication to reduce the risk of illegal terminals
connecting with your private networks.
Enable device IP/MAC address filtering to limit the hosts that can access the device.