manualshive.com logo in svg

Lindy SC5-IP, Руководство пользователя, Страница: 30 / 91

Поделиться
Скачать
Lindy SC5-IP Скачать руководство пользователя страница 30



























Placing SC5-IP alongside the firewall

SC5-IP is built from the ground-up to be secure. It employs a sophisticated 
128bit public/private key system that has been rigorously analysed and found to 
be highly secure (a security white paper is available upon request from LINDY). 
Therefore, you can position the SC5-IP alongside the firewall and control hosts 
that are also IP connected within the local network.

IMPORTANT: If you make the SC5-IP accessible from the public Internet, care 
should be taken to ensure that the maximum security available is activated. You 
are strongly advised to enable encryption and use a strong password. Security 
may be further improved by restricting client IP addresses, using a non-standard 
port number for access.

  

Ensuring sufficient security

The security capabilities offered by the SC5-IP are only truly effective when they 
are correctly used. An open or weak password or unencrypted link can cause 
security loopholes and opportunities for potential intruders. For network links 
in general and direct Internet connections in particular, you should carefully 
consider and implement the following:

•  Ensure that encryption is enabled.  

By 

local configuration menu

 or 

global configuration page

.

•  Ensure that you have selected secure passwords with at least 8 characters 

and a mixture of upper and lower case and numeric characters. 
By 

global configuration page

•  Reserve the admin password for administration use only and use a non-

admin user profile for day-to-day access.  

•  Use the latest Secure VNC viewer (this has more in-built security than is 

available with the Java viewer). To 

download the viewer

.

•  Use non-standard 

port numbers

•  Restrict the range of IP addresses that are allowed to access the SC5-IP to 

only those that you will need to use. To 

restrict IP access

.

•  Do NOT Force VNC protocol 3.3. 
•  Ensure that the computer accessing the SC5-IP is clean of viruses and 

spyware and has up-to-date firewall and anti-virus software loaded that is 
appropriately configured. 

•  Avoid accessing the SC5-IP from public computers.

Security can be further improved by using the following suggestions:

•  Place the SC5-IP behind a firewall and use the port numbers to route the 

VNC network traffic to an internal IP address.

•  Review the activity log from time to time to check for unauthorised use. 
•  Lock your server consoles after they have been used.  

A security white paper that gives further details is available upon request from 
LINDY. 

Ports 

In this configuration there should be no constraints on the port numbers 
because the SC5-IP will probably be the only device at that IP address. Therefore, 
maintain the HTTP port as 80 and the VNC port as 5900.

Addressing

When the SC5-IP is situated alongside the firewall, it will require a public static IP 
address (i.e. one provided by your Internet service provider).
More addressing information:

Discover DHCP-allocated addresses
DNS addressing

Содержание SC5-IP

Страница 1: ...LAN TCP IP IP KVM Switch CONNECTION PERFECTION LOC REM VNC 100 LNK PWR SC5 IP User Guide...

Страница 2: ...ssing computers in a cascade 15 Using cascaded computers 15 Multiple video head connections 16 Remote switching control 17 Configuration Overall initial configuration 18 Initial configuration 19 Main...

Страница 3: ...42 Access mode shared private 42 Controls 43 If you need to enter a port number 47 Viewer encryption settings 47 Supported web browsers 47 Further information Troubleshooting 48 Getting assistance 48...

Страница 4: ...s 77 Net masks the binary explanation 78 Calculating the mask for IP access control 79 Ports 80 Security issues with ports 80 Appendix 7 Cable and connector specifications 81 Multi head synchronisatio...

Страница 5: ...systems Up to four global users can share access to a computer from anywhere via an IP network internet connection using a Real VNC client application Each SC5 IP is even able to provide the VNC appl...

Страница 6: ...d mouse plus a video monitor to these connectors These allow you to perform the initial configuration of the SC5 IP Additionally you can use these to locally control the connected computer s Computer...

Страница 7: ...ck Part number 39353 USB Connectors Analog video and USB keyboard mouse Part number 39352 USB with audio Connectors Analog video USB keyboard mouse and 3 5mm audio jack Part number 39354 Sun with audi...

Страница 8: ...ts plus four screws extend the size of the SC5 IP so that it fills the full width of a 1U rack slot INDOOR USE ONLY 2 1 6 5 ECTIONS 5V 2 0A 16 15 14 13 OPTIONS INDOOR USE ONLY 5V 2 0A 4 12 3 11 2 10 1...

Страница 9: ...o achieve the required installation Global user page 10 Local user page 9 Power in page 12 Computer system via CAM page 11 Connections do not need to be carried out in the order given within this guid...

Страница 10: ...connect the local user port 1 Position a suitable video monitor keyboard and mouse in the vicinity of the SC5 IP unit such that their cables will easily reach 2 Attach the video monitor keyboard and...

Страница 11: ...ase refer to Networking issues within the Configuration chapter for more details IMPORTANT When an SC5 IP is accessible from the public Internet or dial up connection you must ensure that sufficient s...

Страница 12: ...5e or 6 cabling between the computer system and the SC5 IP unit The maximum length of the cable is 10 m 32 feet 4 Attach the connector of the cable run to the socket of the CAM 5 At the other end of...

Страница 13: ...upply generate heat when in operation and will become warm to the touch Do not enclose them or place them in locations where air cannot circulate to cool the equipment Do not operate the equipment in...

Страница 14: ...at either level within that cascade tree Note It is not possible to cascade two SC5 IP units together because they do not have a Remote User Port on their front panels The lower units must always be t...

Страница 15: ...ver connections within the cable The cascade link cables can be up to 10m 32 feet in length providing that the total length from the SC5 IP or SC5 to any CAM also does not exceed 10m The procedure giv...

Страница 16: ...mputer marked in red requires a longer address 1203 as it is situated at cascade level 2 compared to the blue computer at the top level with its two digit port number The first time that you make a co...

Страница 17: ...ial interface Consequently by linking the serial interfaces a master unit may be made to automatically switch one or more slave units as shown in the diagram Note You must ensure that all SC5 IP units...

Страница 18: ...g device Note You must ensure that the SC5 IP unit has it Options serial ports set to Sync Units This setting together with the baud rate selection can be made either via the local or global user conf...

Страница 19: ...rivileges 2 Create an ADMIN administration password All SC5 IP units have a fixed user account that cannot be deleted or renamed called ADMIN This user account is the only one that is able to make imp...

Страница 20: ...spectively unless they clash with an existing setup within the network See Networking issues for more details Option port serial details These two items control the use of the OPTIONS port on the rear...

Страница 21: ...instructions in this guide Security Note If the security option has been enabled you will be asked for a valid user name and password before the main menu can be displayed IMPORTANT When supplied SC5...

Страница 22: ...ld background colour will remain red until sufficient characters have been entered to form a reasonably robust password 6 Once the password has been entered you can navigate away from the menu page an...

Страница 23: ...ings 1 Remove power from the SC5 IP unit 2 Press and hold the reset button on the front panel requires paper clip or similar 3 Apply power and after a couple of seconds release the reset button The Ma...

Страница 24: ...ges to be denied access to the SC5 IP If set incorrectly it is possible to exclude all network users and so this option provides an emergency recovery point To clear IP access control 1 From a local k...

Страница 25: ...Configuration Lets you setup or alter the details concerning the OPTIONS serial port Host Configuration Allows you to configure user access and hot key switching for the connected host systems Logging...

Страница 26: ...setting does not enforce encryption unless a viewer specifically requests it If a viewer has its Let server choose setting then an un encrypted link will be set up Prefer on This setting generally enf...

Страница 27: ...rewall configurations For this reason the SC5 IP is designed to be intelligent flexible and secure With the minimum of effort it can reside either behind the firewall or alongside with its own separat...

Страница 28: ...well as the IP address For instance if you set the HTTP port to 8000 and the IP address is 192 168 47 10 then browser users will need to enter http 192 168 47 10 8000 Note the single colon that separ...

Страница 29: ...k configuration screen where the new IP address and network mask should be displayed DNS addressing As with any other network device you can arrange for your SC5 IP to be accessible using a name rathe...

Страница 30: ...haracters By global configuration page Reserve the admin password for administration use only and use a non admin user profile for day to day access Use the latest Secure VNC viewer this has more in b...

Страница 31: ...ocess 10 When ready click the Perform upgrade button The upgrade will take place and its progress will be shown on screen 11 When the upgrade is complete click the link Click here to reboot the unit i...

Страница 32: ...user access via IP network link LOC REM VNC 100 LNK PWR The front panel indicators Indicators LOC Keyboard or mouse data are being received from the local console REM Keyboard or mouse data are being...

Страница 33: ...umeral key and press the second repeat this procedure until all of the port address numerals have been entered then release and Note The numbers on your keyboard s numeric keypad are not valid use onl...

Страница 34: ...ight buttons of a three button mouse Note The mouse switching option is usable only if the Mouse Switching option is enabled See Global preferences for more details At this point depending on the secu...

Страница 35: ...mouse button Logging in and out The SC5 IP features a straightforward security system that helps to prevent unauthorised access to some or all connected computers If the security option has been sele...

Страница 36: ...that indicates which computer port you are currently viewing The banner is usually displayed at the top of the screen using white lettering and transparent background You can Move the banner Change t...

Страница 37: ...orange dot against a host entry indicates that an inconsistency relating specifically to cascaded hosts The problem can occur for two main reasons either A cascaded computer or multiple computers has...

Страница 38: ...ternet link There are two types of viewer a standalone VNC viewer or a VNC Java application used within a standard web browser Select the required viewer LOCAL USER GLOBAL USER OR IP COMPUTER SYSTEM C...

Страница 39: ...he Username entry is blanked out then only admin user account is currently defined and only a password is required Options button Provides a range of viewer and connection settings MORE Enter the SC5...

Страница 40: ...be shown here Options button Provides a range of viewer and connection settings MORE 5 Make any necessary option encryption changes and click the OK button to proceed Depending on the options selected...

Страница 41: ...reen that you are viewing has a larger resolution than your viewing window you will need to scroll around to see all items The viewer window allows you to bump scroll only in full screen mode This mea...

Страница 42: ...ts are listed by their entry number or alphabetically See Appendix 2 Host configuration for details about programming new hosts into the SC5 IP admin user status required Configure This option is disp...

Страница 43: ...uto calibration ensure that the screen image is static no moving images and also try to remove any on screen displays generated by KVM switches such as host names or menus This is because they can aff...

Страница 44: ...on escape sequences see Advanced unit configuration for details The single mouse mode does not require calibration Resync Mouse This option has the same effect as the button on the menu bar and re syn...

Страница 45: ...ettings see next page Click to send the contents of the clipboard to the host Enable Sun Translation When enabled this mode translates certain keyboard sequences to represent the special keys that are...

Страница 46: ...n to automatically determine the optimum settings for all items Note Before using the Calibrate All option if possible remove on screen display OSD elements generated by the SC5 IP such as a host name...

Страница 47: ...m may exhibit temporary artifacts as the large image moves Tile Width and Height Determines the size of the sample areas into which the source video screen is divided for examination purposes Smaller...

Страница 48: ...iewers and VNC viewers of level 4 0b5S or higher offer four encryption options The resulting actions of certain options depend upon how the SC5 IP to which you are connecting is configured Always on T...

Страница 49: ...is not correctly responding to my mouse movements Recalibrate the mouse When doing so ensure that the host system does not have mouse cursor trails enabled and that the top left corner of the screen...

Страница 50: ...uttons of a three button mouse If you are not already logged in do so now What to do if the ADMIN password has been forgotten 2 Press to display the Main Menu 3 Use the following keys and to highlight...

Страница 51: ...e 3 Press to show the Main Menu 4 Select Functions and press Restore Standard Mouse This option is used to resume standard mouse operation if it has ceased to operate for instance if it has been conne...

Страница 52: ...the colour of the reminder banner The Blue Trans Pink Trans and White Trans use a transparent background Screen Saver Settings Blank Moving Logo You can select the type of screen saver If you select B...

Страница 53: ...overall system efficiency Mouse Switching Settings Enabled Disabled The computer channel can be switched using a three button mouse or IntelliMouse Pressing the central button or wheel button togethe...

Страница 54: ...ss to all the connected computers and full administration rights With security enabled users are required to log in to the SC5 IP Each user is allocated access rights to computers by the system admini...

Страница 55: ...le only to the Admin user the configuration section menu allows you to determine settings that relate directly to the global IP user aspects of the unit Unit Configuration IP admin password encryption...

Страница 56: ...rhead of roughly 10 but is highly secure against third party intrusion Hardware Indicates the version of the internal circuitry Firmware Indicates the version of the internal software Keybd Layout Use...

Страница 57: ...et Mask Also often called the subnet mask this value is used alongside the IP address to help define a smaller collection or subnet of devices on a network In this way a distinction is made between lo...

Страница 58: ...RS232 serial OPTIONS port at the rear of the unit This is fixed at Sync Units Options Baud This option determines the speed of the RS232 serial OPTIONS port This setting is fixed at 19200 To get here...

Страница 59: ...the admin user 2 Press hotkeys can change 3 Press to show the Main Menu 4 Select Configuration and press 5 Select Reset Configuration and press To reset the SC5 IP configuration 1 From a local or rem...

Страница 60: ...ion to the SC5 IP unit and login as the admin user 2 Once logged in click the Configure button in the top right corner of the window Logged on users Indicates the current users irrespective of whether...

Страница 61: ...haracters are permissible The user name can be between 1 and 16 characters in length Password Passwords are case sensitive and can include certain keyboard symbols The password can be between 1 and 16...

Страница 62: ...ion imposes a slight performance overhead of roughly 10 but is highly secure against third party intrusion Advanced Unit Configuration Hardware Version Indicates the version of the electronic circuitr...

Страница 63: ...the disabled option is selected the remote users will need to manually refresh the screen Note When a low connection speed is detected the background refresh is automatically disabled regardless of th...

Страница 64: ...1 and 12 The day d must be between 0 Sunday and 6 The week w must be between 1 and 5 week 1 is the first week in which day d occurs and week 5 specifies the last d day in the month The time fields spe...

Страница 65: ...ed alongside the IP address to help define a smaller collection or subnet of devices on a network In this way a distinction is made between locally connected devices and ones that are reachable elsewh...

Страница 66: ...are listed higher in the list than any denied addresses Take care not to invoke any deny access settings that would exclude valid users 1 In the access control list click on the entry to be moved 2 Cl...

Страница 67: ...the RS232 serial OPTIONS port at the rear of the unit This option is fixed at Sync Units Baud Rate This option determines the speed of the RS232 serial OPTIONS port The other communication settings a...

Страница 68: ...dow when you click the Host button Users Select the users that will be permitted to connect to this host Either enter to allow all users or a list of users separated by commas e g admin nigel preben s...

Страница 69: ...oard 2 In a text application i e Word WordPad Notepad press Ctrl and V or right mouse click and Paste Date and time the event occurred Type of event user name and access method or remote IP address Cl...

Страница 70: ...ddress of the LDAP server that holds the required directory service Host Port The standard port address for LDAP links is 389 and this should not need to be changed unless special circumstances exist...

Страница 71: ...the most appropriate colour level for the speed of the connection to the SC5 IP Where the connection speed is slow or inconsistent there will be a necessary compromise between screen response and colo...

Страница 72: ...and status section Rate limit mouse move events When ticked this feature reduces the mouse movement information that is sent to the SC5 IP and host system This is useful for slow connections and you w...

Страница 73: ...ver the host system s screen resolution is altered IMPORTANT If you make any changes to the options given here and wish to retain them for successive connection sessions you must save the changes To d...

Страница 74: ...e Width and Height settings in the adjacent fields A drop box to the right of the fields allows you to define the image size by percentage or by pixels as required Preserve Aspect Ratio When ticked ma...

Страница 75: ...5 IP is fully reconfigured then it will need to issued with a new identity In this case the previous identity listed in this tab should be removed so that a new identity can be created on the next con...

Страница 76: ...Ctrl Alt Send F8 Send Ctrl Alt Del Sends the selected keypress es to the SC5 IP and host computer This is necessary because certain keys and key combinations are trapped by the VNC viewer Refresh Scre...

Страница 77: ...browsers Inputs View only ignore mouse keyboard When ticked the viewer will not send keyboard or mouse information to the SC5 IP or host computer Accept clipboard from server This feature is restrict...

Страница 78: ...ddress section in order to use the telephone system efficiently it is vital for you to know your location relative to the person you are calling In this way you avoid dialling unnecessary numbers When...

Страница 79: ...hat the local part of the address is formed by only the last four bits If you use the diagram from the previous example and insert the new net mask it will have the following effect on the final resul...

Страница 80: ...omes a little clearer The above mask has the form 11111111 11111111 11111111 11100000 Ignoring the initial three octets the final six zeroes of the mask would ensure that the 32 addresses from 64 0100...

Страница 81: ...r or web browser to make contact with your SC5 IP it is necessary for the firewall to allow communication through a particular numbered port to occur One specific function of firewalls is to restrict...

Страница 82: ...ble MASTER end 9pin D type female SLAVE end 9pin D type female MASTER end 9pin D type female SLAVE1 end 9pin D type female Use this cable when two SC5 IP devices are being synchronised Use this cable...

Страница 83: ...ings means press down the key that follows means release the key that follows means press down and release the key that follows means wait 250ms note if a number immediately follows the asterisk then...

Страница 84: ...y system screens Half width screens can be expanded to normal width using the scaling features of the viewer vesa 720 x 400 85Hz vesa 640 x 480 60Hz vesa 640 x 480 72Hz vesa 640 x 480 75Hz vesa 640 x...

Страница 85: ...ere rating of all the devices plugged into the wall outlet does not exceed the wall outlet s ampere rating Do not attempt to service the SC5 IP yourself Warranty LINDY warrants that this product shall...

Страница 86: ...s zur ck und f hrt sie einem geordneten Recycling entsprechend den gesetzlichen Vorgaben zu Bitte nehmen Sie hierzu Kontakt mit LINDY auf die Kontaktadressen finden Sie stets auf der LINDY Website www...

Страница 87: ...HIRD PARTY RIGHTS AND FITNESS FOR PARTICULAR PURPOSE 4 Limitation on Liability UNDER NO CIRCUMSTANCES SHALL REALVNC BE LIABLE FOR ANY CONSEQUENTIAL INDIRECT OR INCIDENTAL DAMAGES WHATSOEVER INCLUDING...

Страница 88: ...ween the equipment and the receiver c Connect the equipment to an outlet on a circuit different from that to which the receiver is connected d Consult the supplier or an experienced radio TV technicia...

Страница 89: ...S31015 67451 MUNDOLSHEIM CEDEX France Email france lindy fr Tel 0 825 825 111 Fax 03 88 20 57 74 Italia LINDY Italia Srl Via Varesina 126 B 22079 Villa Guardia CO Italia Email italia lindy it Tel 031...

Страница 90: ...ystem 11 global user 11 host computer 9 keyboard 9 local user 9 multiple video head 16 network port 10 power supply 12 Connector specifications 81 Control menus 40 Controls viewer options 43 D Date lo...

Страница 91: ...6 setting IP access control 65 unit configuration 61 user accounts 60 Resync mouse 43 Router 27 Routing status 35 S Safety information 84 Saving configuration settings 22 Scaling VNC Viewer 73 Screen...

Отзывы:

Нет отзывов