119
minimum set of permissions to them.
9.
Disable Unnecessary Services and Choose Secure Modes
If not needed, it is recommended to turn off some services such as SNMP, SMTP, UPnP, etc., to
reduce risks.
If necessary, it is highly recommended that you use safe modes, including but not limited to the
following services:
●
SNMP: Choose SNMP v3, and set up strong encryption passwords and authentication
passwords.
●
SMTP: Choose TLS to access mailbox server.
●
FTP: Choose SFTP, and set up strong passwords.
●
AP hotspot: Choose WPA2-PSK encryption mode, and set up strong passwords.
10.
Audio and Video Encrypted Transmission
If your audio and video data contents are very important or sensitive, we recommend that you
use encrypted transmission function, to reduce the risk of audio and video data being stolen
during transmission.
Reminder: encrypted transmission will cause some loss in transmission efficiency.
11.
Secure Auditing
●
Check online users: we suggest that you check online users regularly to see if the device is
logged in without authorization.
●
Check device log: By viewing the logs, you can know the IP addresses that were used to log in
to your devices and their key operations.
12.
Network Log
Due to the limited storage capacity of the device, the stored log is limited. If you need to save the
log for a long time, it is recommended that you enable the network log function to ensure that
the critical logs are synchronized to the network log server for tracing.
13.
Construct a Safe Network Environment
In order to better ensure the safety of device and reduce potential cyber risks, we recommend:
●
Disable the port mapping function of the router to avoid direct access to the intranet devices
from external network.
●
The network should be partitioned and isolated according to the actual network needs. If
there are no communication requirements between two sub networks, it is suggested to use
VLAN, network GAP and other technologies to partition the network, so as to achieve the
network isolation effect.
●
Establish the 802.1x access authentication system to reduce the risk of unauthorized access to
private networks.
●
Enable IP/MAC address filtering function to limit the range of hosts allowed to access the
device.
Содержание VTH2421F Series
Страница 1: ...Digital VTH 4 6 version User s Manual V1 0 0...
Страница 12: ...4 1 1 5 VTH5421E Series Figure 1 5 Front panel 1 1 6 VTH5421H Series Figure 1 6 Front panel...
Страница 13: ...5 1 1 7 VTH8621K Series Figure 1 7 Front panel...
Страница 43: ...35 Figure 2 32 Monitoring image SD card is needed for recording and snapshot otherwise the icons will be gray...
Страница 75: ...67 Figure 3 37 DMSS onscreen prompt Figure 3 38 QR Code without DMSS QR code...
Страница 101: ...93 Figure 4 8 Monitor screen Step 2 Tap select the VTO from the channel list as needed...
Страница 125: ...117 Figure 5 18 Obtain the QR code Figure 5 19 Obtain the QR code 2...