User's Guide
Table Of Contents
- RUGGEDCOM SAS-GW
- Table of Contents
- Preface
- 1. Introduction
- 2. Installation and Deployment
- 3. Using RUGGEDCOM SAS-GW
- 4. Configuring RUGGEDCOM SAS-GW
- 4.1. Configuring the Local Time Zone
- 4.2. Configuring the SNMP Read/Write Communities
- 4.3. Managing User Accounts
- 4.4. Managing Base Stations
- 4.4.1. Adding a Base Station
- 4.4.2. Updating a Base Station's Configuration
- 4.4.3. Updating a Base Station's Location
- 4.4.4. Updating a Base Station's Antenna Characteristics
- 4.4.5. Updating SNMP Settings
- 4.4.6. Updating CPI Information
- 4.4.7. Removing a Base Station
- 4.4.8. Viewing Available Base Stations
- 4.4.9. Viewing the Measurements Report
- 4.4.10. Viewing the SAS Registration Information
- 4.5. Managing Subscriber Units
- 5. Monitoring RUGGEDCOM SAS-GW
Chapter 1
Introduction
RUGGEDCOM SAS-GW
User Guide
2 Security Recommendations
• Web-Based User Interface
RUGGEDCOM SAS-GW provides a simple, intuitive user interface for configuration and monitoring via a standard
graphical Web browser user interface.
Section1.2
Security Recommendations
To prevent unauthorized access to RUGGEDCOM SAS-GW, note the following security recommendations:
Authentication
• Replace all default passwords before RUGGEDCOM SAS-GW is deployed.
• Use strong passwords. Avoid weak passwords such as password1, 123456789, abcdefgh, etc. An example of a
strong password would be a password that contains at least eight characters, including a lowercase letter, an
uppercase letter, a numeric character and a special character.
• Make sure passwords are protected and not shared with unauthorized personnel.
• Do not re-use passwords across different user names and systems.
• Record passwords in a safe, secure, off-line location for future retrieval should they be misplaced.
Physical/Remote Access
• Configure remote system logging to forward all logs to a central location.
• SNMP (Simple Network Management Protocol) community names should be unique.
• Prevent access to external, untrusted Web pages while accessing RUGGEDCOM SAS-GW via a Web browser. This
can assist in preventing potential security threats, such as session hijacking.
• When possible, configure port security features on the host device's access ports to prevent an unauthorized
third-party from physically connecting to the device.
Hardware/Software
• Make sure the latest version of RUGGEDCOM SAS-GW is installed, including all security-related patches.
For the latest information on security patches for Siemens products, visit the Industrial Security website
[http://www.industry.siemens.com/topics/global/en/industrial-security/news-alerts/Pages/alerts.aspx] or
the ProductCERT Security Advisories website [http://www.siemens.com/innovation/en/technology-focus/
siemens-cert/cert-security-advisories.htm]. Updates to Siemens Product Security Advisories can be obtained
by subscribing to the RSS feed on the Siemens ProductCERT Security Advisories website, or by following
@ProductCert on Twitter.
• Use the latest Web browser version compatible with RUGGEDCOM SAS-GW to make sure the most secure
Transport Layer Security (TLS) versions and ciphers available are employed. Additionally, 1/n-1 record splitting
is enabled in the latest web browser versions of Mozilla Firefox, Google Chrome and Internet Explorer, and
mitigates against attacks such as SSL/TLS Protocol Initialization Vector Implementation Information Disclosure
Vulnerability (e.g. BEAST).