Acuity Controls nLight ECLYPSE User Manual

This section describes how to secure an ECLYPSE controller from unauthorized access and use.

Introduction

This chapter describes how to implement best security practices for ECLYPSE controllers. Security is built up layer upon

layer to make the system more resistant to attacks. This involves taking simple but effective steps to implement built-in se-

curity features.

Passwords

A username / password combination (or credentials) authenticates a user’s access rights to a controller. If an attacker

gains access to a user’s password, the attacker has access to carry out any action on the controller that is allowed by that

user’s permissions.

Change the Default Platform Credentials

At the first connection to an ECLYPSE you will be forced to change the password to a strong password for the admin ac-

count to protect access to the controller.

It is important to create new user accounts with strong passwords to protect the controller from unauthorized access. The

abled, and the user will then be prompted to reset both. See FIPS 140-2 Mode.

When logging into a controller with certain browsers, the browser asks to remember a user’s login credentials. When this

option is set, the next time the user logs in, the credentials will automatically be filled in. While this is convenient, anyone

with access to the computer can log in using those credentials. Do not set this option for administrator accounts or when

accessing an account from an unsecure computer.

Account Management and Permissions

User accounts must be properly managed to make it harder for an attacker to compromise security, and to make it easier

to detect that an attack has occurred. To set user account parameters, see User Management.

Securing an ECLYPSE Controller

88

nLight ECLYPSE