Security planning
ptp-450 (July 2014)
2-85
Security planning
This section describes how to plan for PTP 450 networks to operate in secure mode.
Isolating BHMs from the Internet
Ensure that the IP addresses of the BHMs in your network
are not routable over the Internet.
do not share the subnet of the IP address of your user.
RFC 1918, Address Allocation for Private Subnets, reserves for private IP networks three blocks of IP addresses
that are not routable over the Internet:
/8 subnets have one reserved network, 10.0.0.0 to 10.255.255.255.
/16 subnets have 16 reserved networks, 172.16.0.0 to 172.31.255.255.
/24 subnets have 256 reserved networks, 192.168.0.0 to 192.168.255.255.
Managing module access by passwords
Adding a user for access to a module
From the factory, each module has a preconfigured administrator-level account in the name
root
, which initially
requires no associated password. This is the same
root
account that you may have used for access to the module
by
ftp
. When you upgrade a module
an account is created in the name
admin
.
both
admin
and
root
inherit the password that was previously used for access to the module:
o
the
Full Access
password, if one was set.
o
the
Display-Only Access
password, if one was set and no Full Access password was set.
If you use Wireless Manager, do not delete the root account from any module. If you use an NMS that
communicates with modules through SNMP, do not delete the root account from any module unless you first can
confirm that the NMS does not rely on the root account for access to the modules.
Each module supports four or fewer user accounts, regardless of account levels. The available levels are
ADMINISTRATOR, who has full read and write permissions. This is the level of the
root
and
admin
users,
as well as any other administrator accounts that one of them creates.
INSTALLER, who has permissions identical to those of ADMINISTRATOR except that the installer cannot
add or delete users or change the password of any other user.
TECHNICIAN, who
GUEST, who has no write permissions and only a limited view of General Status tab
Summary of Contents for PTP 450 series
Page 1: ...Cambium PTP 450 User Guide System Release 13 2...
Page 20: ......