Use the Security Manager options on Control Panel to increase the security of your system.
Component |
Description |
Protocol Status |
Displays validation and approval of the protocols.
|
Enable incoming http communication |
Select to enable or disable incoming HTTP communication. Para obtener más información, consulte Encrypted Communication . |
Redirect web clients to https |
Select to redirect web clients to HTTPS. Para obtener más información, consulte Encrypted Communication . |
Allow authentication with MD5 hash |
Select to allow authentication with MD5 hash. Para obtener más información, consulte Encrypted Communication . |
Enable external content to be embedded in WebStation |
Enabling external websites to be embedded into WebStation lowers the security significantly. Do not enable external websites to be embedded into WebStation if you do not understand the security implications. Para obtener más información, consulte HTML Utilities . |
Lists external websites to be embedded into WebStation |
This setting is for internal R&D use only. The setting does not affect WebStation. |
Enable WebStation to be embedded in another site |
Select if you want WebStation to be embedded in another web site. Para obtener más información, consulte Security Configuration in WebStation . |
Website to allow access to WebStation when embedded |
This setting is for internal R&D use only. The setting does not affect WebStation. |
Enable WebStation to use unsafe string evaluated JavaScript methods like 'eval' |
Select if you have graphics written in older versions of EBO that cannot be displayed in 3.0 or later. Para obtener más información, consulte Cannot Open Graphics in WebStation . |
Enable HSTS pre-load list |
HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information. |
HSTS pre-load list max-age |
HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information. |
Content Security Policy Report |
If Content Security Policy (CSP) is used, type the address to CSP report server. |
Enable web server access logging |
Select to log all web server HTTP access to the Enterprise Server or to the Enterprise Central. Para obtener más información, consulte Web Server Access Logging . |
Cipher list |
The cipher list consists of one or more cipher strings separated by colons. The names of the known ciphers may differ depending on which OpenSSL version the server was built to use. |
Disabled protocols |
Enter the protocol you want to disable. Separate the protocols with comma. Valid protocol names are tlsv1, tlsv1_1, tlsv1_2 and tlsv1_3. Para obtener más información, consulte Configuring SSL Communication Security Settings . |
Enable remote system logging |
Select to log all log on attempts on a field server. Para obtener más información, consulte Field Server Remote System Logging . |
Protocol |
Select the protocol to use when sending log on attempts on the field server. Para obtener más información, consulte Field Server Remote System Logging . |
Address |
Type the IP address to the server that is logging the log on attempts on the field server. Para obtener más información, consulte Field Server Remote System Logging . |
Port |
Type the port number used by the server that is logging the log on attempts on the field server. Para obtener más información, consulte Field Server Remote System Logging . |
Certificates |
Click to open the Certificates manager. Para obtener más información, consulte Certificates . |
Display Security Banner |
Select On to display a security banner at log on. Para obtener más información, consulte Security Banner . |
Password policy |
Click to open the Password policy dialog box where you configure the password policy. Para obtener más información, consulte Password Policy . |
Edit Banner |
Click to open the Edit Banner dialog box to edit the security banner. Para obtener más información, consulte Edit Banner – Dialog Box . |
SSH Console Lockout after |
Select the time when the SSH lockout is released. |
Connect Agent Settings |
Click to open the Connect Agent Settings dialog box where you configure the transfer of system information and crash information of the EcoStruxure BMS servers. Para obtener más información, consulte Configuring Connect Agent Settings . |
Enable SmartDriver deployment |
Select Enable SmartDriver deployment to make it possible to deploy new SmartDriver drivers. This option does not affect already deployed SmartDriver drivers. After the deployment, you can clear the option to prevent new SmartDriver drivers from being deployed. Para obtener más información, consulte SmartDrivers Overview . |
Restrict root permission to logged in server |
Select to restrict root permissions, i.e. ”/”, to the logged on server and its children servers. |
Enable federated authentication |
Select to enable federated authentication. Para obtener más información, consulte Federated Authentication . |
Invalid certificate settings for server to server communication |
Select Generate alarm to trigger an alarm if the server communication certificate is invalid. Select Block traffic to block traffic if the server communication certificate is invalid. |