© 2021 AMETEK Power Quality Solutions | Technical Support 800-645-9721 | surgex.com
27
User Manual
6.
Security
Squid has been designed with security as a priority. All ports and features may be changed or disabled.
6.1
Authentication
Squid supports basic and secure authentication for users and network connections.
6.1.1 802.1X
802.1X network authentication may be enabled for networks requiring supplicant authentication.
6.1.2 SSO (Single Sign-On)
Squid users may be configured to use either Internal or SSO (Single Sign-On) authentication. Internal authentication
uses basic usernames and passwords assigned by the administrator on a per-unit basis. SSO authentication uses LDAP
(Lightweight Directory Access Protocol) to authorize users, and determine their level of privileges, using Microsoft®
Active Directory. While it is possible to use LDAP to authorize users without SSL encryption, we suggest only configuring
the connection to the authentication server using SSL encryption to plain text network traffic.
6.2
Interfaces
6.2.1 Network Interface
•
Web Server: It is possible to enable and disable the internal web server, change the security from none
(HTTP) to TLS 1.2 (HTTPS), as well as change its port. These settings also apply to the REST API.
•
SNMP: Squid supports SNMP V3 for secure communications, with the ability to enable and disable.
