Interface utilisateur
Security Settings – Control Panel
Use the Security Manager options on Control Panel to increase the security of your system.
|
Component |
Description |
|
Protocol Status |
Displays validation and approval of the protocols.
|
|
Enable incoming http communication |
Select to enable or disable incoming HTTP communication. Pour plus d'informations, voir Encrypted Communication . |
|
Redirect web clients to https |
Select to redirect web clients to HTTPS. Pour plus d'informations, voir Encrypted Communication . |
|
Allow authentication with MD5 hash |
Select to allow authentication with MD5 hash. Pour plus d'informations, voir Encrypted Communication . |
|
Enable external content to be embedded in WebStation |
Enabling external websites to be embedded into WebStation lowers the security significantly. Do not enable external websites to be embedded into WebStation if you do not understand the security implications. Pour plus d'informations, voir HTML Utilities . |
|
Lists external websites to be embedded into WebStation |
This setting is for internal R&D use only. The setting does not affect WebStation. |
|
Enable WebStation to be embedded in another site |
Select if you want WebStation to be embedded in another web site. Pour plus d'informations, voir Security Configuration in WebStation . |
|
Website to allow access to WebStation when embedded |
This setting is for internal R&D use only. The setting does not affect WebStation. |
|
Enable WebStation to use unsafe string evaluated JavaScript methods like 'eval' |
Select if you have graphics written in older versions of EBO that cannot be displayed in 3.0 or later. Pour plus d'informations, voir Cannot Open Graphics in WebStation . |
|
Enable HSTS pre-load list |
HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information. |
|
HSTS pre-load list max-age |
HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information. |
|
Content Security Policy Report |
If Content Security Policy (CSP) is used, type the address to CSP report server. |
|
Enable web server access logging |
Select to log all web server HTTP access to the Enterprise Server or to the Enterprise Central. Pour plus d'informations, voir Web Server Access Logging . |
|
Cipher list |
The cipher list consists of one or more cipher strings separated by colons. The names of the known ciphers may differ depending on which OpenSSL version the server was built to use. |
|
Disabled protocols |
Enter the protocol you want to disable. Separate the protocols with comma. Valid protocol names are tlsv1, tlsv1_1, tlsv1_2 and tlsv1_3. Pour plus d'informations, voir Configuring SSL Communication Security Settings . |
|
Enable remote system logging |
Select to log all log on attempts on a field server. Pour plus d'informations, voir Field Server Remote System Logging . |
|
Protocol |
Select the protocol to use when sending log on attempts on the field server. Pour plus d'informations, voir Field Server Remote System Logging . |
|
Address |
Type the IP address to the server that is logging the log on attempts on the field server. Pour plus d'informations, voir Field Server Remote System Logging . |
|
Port |
Type the port number used by the server that is logging the log on attempts on the field server. Pour plus d'informations, voir Field Server Remote System Logging . |
|
Certificates |
Click to open the Certificates manager. Pour plus d'informations, voir Certificates . |
|
Display Security Banner |
Select On to display a security banner at log on. Pour plus d'informations, voir Security Banner . |
|
Password policy |
Click to open the Password policy dialog box where you configure the password policy. Pour plus d'informations, voir Password Policy . |
|
Edit Banner |
Click to open the Edit Banner dialog box to edit the security banner. Pour plus d'informations, voir Edit Banner – Dialog Box . |
|
SSH Console Lockout after |
Select the time when the SSH lockout is released. |
|
Connect Agent Settings |
Click to open the Connect Agent Settings dialog box where you configure the transfer of system information and crash information of the EcoStruxure BMS servers. Pour plus d'informations, voir Configuring Connect Agent Settings . |
|
Enable SmartDriver deployment |
Select Enable SmartDriver deployment to make it possible to deploy new SmartDriver drivers. This option does not affect already deployed SmartDriver drivers. After the deployment, you can clear the option to prevent new SmartDriver drivers from being deployed. Pour plus d'informations, voir SmartDrivers Overview . |
|
Restrict root permission to logged in server |
Select to restrict root permissions, i.e. ”/”, to the logged on server and its children servers. |
|
Enable federated authentication |
Select to enable federated authentication. Pour plus d'informations, voir Federated Authentication . |
|
Invalid certificate settings for server to server communication |
Select Generate alarm to trigger an alarm if the server communication certificate is invalid. Select Block traffic to block traffic if the server communication certificate is invalid. |
Encrypted Communication
Field Server Remote System Logging
Certificates
Security Configuration in WebStation
Cannot Open Graphics in WebStation
Password Policy
Web Server Access Logging
Security Banner
Configuring Connect Agent Settings
Configuring SSL Communication Security Settings
Edit Banner – Dialog Box
SmartDrivers Overview
Federated Authentication