Netlinx security with a terminal connection, Overview, Netlinx security features – AMX Signature Series NetLinx Integrated Controller NI-3101-SIG User Manual

NetLinx Security with a Terminal Connection

99

NI-3101-SIG Signature Series NetLinx Integrated Controller

NetLinx Security with a Terminal Connection

Overview

NetLinx Masters currently have built-in security capabilities. They require a user entering a valid username
and password to access the NetLinx System’s Telnet, HTTP, ICSP, and FTP services.
The security capabilities are configured and applied via a Telnet connection or the NetLinx Master’s RS-232/
USB terminal interface (the RS232/USB Configuration Port).

NetLinx Security Features

NetLinx security allows a qualified user to define access rights for users or groups.

The following table lists the NetLinx features that the administrator (or other 'qualified' user) may grant or
deny access to.

Initial Setup via a Terminal Connection

Security administration and configuration is done via a Terminal communication through the RS232/USB
Configuration Port on the NetLinx Master. If connecting to the target Master via the TCP/IP (Winsock)
option, some command sets (such as the security setup) will not be available. If a valid IP connection method
has been made to the Master, making changes to the parameters via the browser-based UI pages is highly
recommended.

Always use the RS232/USB Configuration Port when entering potentially sensitive security
information. The Telnet server interface exposes this security information to the LAN in clear text
format, which could be intercepted by an unauthorized LAN client. Using the RS232/USB
Configuration Port offers security during the configuration of the database due to the physical
proximity of the user to the system.

A "User" represents a single potential client of the NetLinx Master, while a "Group" represents a
logical collection of users. Any properties possessed by groups (i.e., access rights, directory
associations, etc.) are inherited by all the members of the group.

NetLinx Security Features

NetLinx Master Security Configuration The user has access to the security configuration commands of the

Master. Only those users with security configuration access rights
granted will have access to the security configuration
commands.

Telnet Security

The user has access to the Telnet server functionality. All basic
commands are available to the user.

Terminal (RS232/USB) Security

The user has access to the Terminal server functionality through the
USB connector. All basic commands are available to the user.

HTTP (web server) Security

The user has access to the HTTP server functionality. Directory
associations assign specific directories/files to a particular user.

FTP Security

The user has access to the FTP server functionality. Only the
administrator account has access to the root directory; all other
'qualified' clients are restricted to the /user/ directory and its 'tree'.

ICSP

The user has access to the ICSP communication functionality.
Communication and encryption rights are available to an authorized
user.

ICSP Encryption

The user has access to the ICSP data encryption functionality.
Enabling encryption of ICSP data requires that both:
- AMX hardware or software communicating with the target
Master provide a valid username and password.
- All communication is encrypted.