Linkskey LKV-9208IP User Manual
Page 58
Prima IP User Guide Rev. 1.6
Security Level of Viewer Connections
The browser connections to the web management are always using SSL connections.
The viewer connections can use different levels of security.
Security Level (SSL):
The PRIMA IP offers three levels of security for viewer
connections. On the drop-down combo box, you can just choose either one of the
three viewer security levels as appropriate to you real demands on viewer connection
security:
•
Level 1 - No SSL encryption, no SSL authentication
•
Level 2 - 256-bit encryption, server authentication by client
•
Level 3 - 256-bit encryption, full authentication (requires the installation of
certificates)
Level 1 uses No SSL data encryption and No authentication. This is the most
straightforward setting that opens most convenience if there are no security concerns
at all. Anyone who have a viewer and an Internet connection can easily connect to
PRIMA IP as long as the user passes the password policy requests.
Level 2 uses SSL encryption for viewer connection, but only requires server
authentication by viewer client. Remote users are not require to install any
certificates on their client computers. However, the viewer connection is encrypted
with 256-bit SSL technology to ensure that all data contents transmitted via the
viewer connection are protected, including keyboard, mouse and video signals.
Level 3 uses 256-bit encryption and a bi-directional PKI authentication between
PRIMA IP server and viewer client. With this level of security, all remote users who
want to make viewer connections must install a proper client certificate on their
computer. This client certificate must come from the same CA that issued the root.crt
certificate of PRIMA IP.
There are altogether nine possible combinations of Viewer Security Levels +
Password Policies that are available for a flexibility to adapt to your security needs.
KVM Server Password:
This item will only appear if you choose to implement Level
3 security. Here you should enter the password that has been used to protect the
server private key serverkey.pem. If you use the standard set of certificates provided
by default on the Support CD ROM disc, the server password is serverpwd. However,
if you use your own set of certificates (as you should do for a real secure installation),
you must set the correct server certificate password you got from the Certificate
Authority that issued those certificates.
First, you should get a set of certificates from your administrator. If your certificates
files have different names, change them to the valid names before uploading.
To upload the certificates, click the Browse button to go to the location where your
certificates reside. Select a certificate file and then click Upload to upload your
certificates, one at a time, to the PRIMA IP. After the uploading is completed, you
should see the prompt page for reboot. However you don’t have to reboot before you
have uploaded all the necessary certificates. Just reboot once after you have
uploaded all the necessary certificates:
-54 -