NPort 5000 Series User Manual
NOTE
If all HTTP/HTTPS/Telnet/Serial consoles are turned off, then there is no other route to access the product.
The only way to recover it is to reset the device and start from the beginning. Please refer to the user
manual on how to reset the device
Limited IP Access
Limiting the number of IP addresses that can access the product is one of the most effective way of blocking
unwanted intruders. If there are only limited desktop/notebook/mobile devices that would access the
product, grant those IPs access.
Account and Password
• There is a default username and password for first-time installation; it is strongly suggested to change
the password after installation has been done.
• Use your own passwords for users of the devices. If possible, also change the default name of the
account, for example, don't name admin group "admin" before the device is deployed.
• Use strong passwords. The devices support a function to check if the passwords are strong enough. You
can enable the function to help you check whether the passwords are strong enough.
• Use account login failure lockout feature to prevent unwelcome access
System Log
System log can contain all kinds of activities that are happening on your NPort, such as Login Fail, IP
Changed, Password Changed, Config Changed, etc. Check the log periodically to examine any abnormal
behavior.
Testing the Security Environment
Besides these devices that support those protective functions, network managers can follow a number of
recommendations to protect their network and devices.
To prevent unauthorized access to a device, follow these recommendations:
1. Testing tools for cybersecurity environment checks are available. Some may provide limited free use,
for example, Nessus. These tools help identify possible security leaks in the environment.
2. The device should be operated inside a secure network, protected by a firewall or router that blocks
attacks via the Internet.
3. Control access to the serial console as with any physical access to the device.
4. Avoid using insecure services such as Telnet and TFTP; the best way is to disable them completely.
5. Limit the number of simultaneous web server and Telnet sessions allowed. Periodically, change the
passwords.
6. Backup the configuration files periodically and compare the configurations to make sure the devices
work properly.
7. Audit the devices periodically to make sure they comply with these recommendations and/or any
internal security policies.
8. If there is a need to return the unit to Moxa, make sure encryption is disabled and that you had already
backup the current configuration before returning it.
To Next Page
Loading...
Need help?
General
