background image

 

16 

the risk of ARP spoofing. 

8.

 

Assign Accounts and Privileges Reasonably 

According to business and management requirements, reasonably add users and assign a 
minimum set of permissions to them. 

9.

 

Disable Unnecessary Services and Choose Secure Modes 

If not needed, it is recommended to turn off some services such as SNMP, SMTP, UPnP, etc., to 
reduce risks. 
If necessary, it is highly recommended that you use safe modes, including but not limited to the 
following services: 

 

SNMP: Choose SNMP v3, and set up strong encryption passwords and authentication 
passwords. 

 

SMTP: Choose TLS to access mailbox server. 

 

FTP: Choose SFTP, and set up strong passwords. 

 

AP hotspot: Choose WPA2-PSK encryption mode, and set up strong passwords. 

10.

 

Audio and Video Encrypted Transmission 

If your audio and video data contents are very important or sensitive, we recommend that you 
use encrypted transmission function, to reduce the risk of audio and video data being stolen 
during transmission. 
Reminder: encrypted transmission will cause some loss in transmission efficiency. 

11.

 

Secure Auditing 

 

Check online users: we suggest that you check online users regularly to see if the device is 
logged in without authorization. 

 

Check device log: By viewing the logs, you can know the IP addresses that were used to log 
in to your devices and their key operations. 

12.

 

Network Log 

Due to the limited storage capacity of the device, the stored log is limited. If you need to save 
the log for a long time, it is recommended that you enable the network log function to ensure 
that the critical logs are synchronized to the network log server for tracing. 

13.

 

Construct a Safe Network Environment 

In order to better ensure the safety of device and reduce potential cyber risks, we recommend: 

 

Disable the port mapping function of the router to avoid direct access to the intranet 
devices from external network. 

 

The network should be partitioned and isolated according to the actual network needs. If 
there are no communication requirements between two sub networks, it is suggested to 
use VLAN, network GAP and other technologies to partition the network, so as to achieve 
the network isolation effect. 

 

Establish the 802.1x access authentication system to reduce the risk of unauthorized access 
to private networks. 

 

Enable IP/MAC address filtering function to limit the range of hosts allowed to access the 
device. 

Содержание SG4028

Страница 1: ...16 24 Port Managed Gigabit Switch Quick Start Guide V1 0 0...

Страница 2: ...23 Privacy Protection Notice As the device user or data controller you might collect the personal data of others such as their face fingerprints and license plate number You need to be in compliance w...

Страница 3: ...the functions operations and technical data If there is any doubt or dispute we reserve the right of final explanation Upgrade the reader software or try other mainstream reader software if the manual...

Страница 4: ...away from dampness dust and soot Put the device in a well ventilated place and do not block its ventilation Use an adapter or cabinet power supply provided by the manufacturer The power supply must co...

Страница 5: ...nd temperature conditions Do not drop or splash liquid onto the device and make sure that there is no object filled with liquid on the device to prevent liquid from flowing into it This is a class A p...

Страница 6: ...on 6 1 2 Features 6 1 3 Typical Application 6 2 Structure 8 2 1 Front Panel 8 2 2 Rear Panel 9 3 Installation 10 3 1 Installing the Device 10 3 2 Wiring 10 3 2 1 Ethernet Port 10 3 2 2 Console Port 11...

Страница 7: ...d overcurrent from power input terminals the switch effectively resists interference from static electricity lightning and pulses It also has powerful network management functions supporting IGMP Snoo...

Страница 8: ...7 Figure 1 1 Networking application...

Страница 9: ...net ports support 10 100 1000 Mbps self adaptive 2 optical ports support 1000 Mbps self adaptive 3 Reset button Press and hold the button for 5 s to reset the device and restore to default configurati...

Страница 10: ...9 2 2 Rear Panel Figure 2 3 Rear panel Table 2 2 Rear panel description No Name Description 1 Power socket Supports 100 240 VAC 2 Vent Improve the cooling performance 3 Ground terminal GND...

Страница 11: ...e 3 2 Ethernet port pin number 10 100 1000 Mbps Base T Ethernet port adopts standard RJ 45 port Equipped with self adaptation function it can be automatically configured to full duplex half duplex ope...

Страница 12: ...lling 9 pin serial port are connected with RJ 45 DB9 cable You can call the console software of the device by operating the superterminal software of the Windows system for device configuration mainte...

Страница 13: ...the antistatic gloves and the antistatic wrist strap are in good contact Figure 3 6 SFP module structure Figure 3 7 SFP module installation Procedure Step 1 Lift the handle of SFP module upward vertic...

Страница 14: ...d of the GND cable with the cold pressed terminal and then fix it on the enclosure GND with the GND screw The other end of the GND cable should be reliably connected to the ground The sectional area o...

Страница 15: ...4 Quick Operation You can log in to webpage of the device via the following IP address Table 4 1 Device factory default Parameter Description IP address 192 168 1 110 Username admin Password User Defi...

Страница 16: ...abinet and implement well done access control permission and key management to prevent unauthorized personnel from carrying out physical contacts such as damaging hardware unauthorized connection of r...

Страница 17: ...we suggest that you check online users regularly to see if the device is logged in without authorization Check device log By viewing the logs you can know the IP addresses that were used to log in to...

Отзывы: