Knowledge Center

NetAcquire CorporationKnowledge Center ArticlesSecuritySecurity (basics)

Security (basics)

NetAcquire systems offer a variety of security options that we’ll examine here. In addition, we offer several other options that will be covered in future articles,

  • Security hardening option (targeted to DISA-STIG model)
  • Pre-Deployment hardening
  • Data-at-rest encryption

Authentication and Encryption

The Security Manager page presents this option at the top of the General tab.

Note: NetAcquire strongly recommends enabling all three options together. Version 9 does not offer individual configuration of these settings, instead making them atomic.

Authentication

This option enforces authentication when accessing the system. Users must provide their credentials and log in. A client certificate authentication option can be chosen for end users preferring use of a certificate.

Important: A root Linux user exists on your system. NetAcquire assigns and provides to you a random password, but it is critical that you change this password yourself. The root user must be changed via SSH.

Note: Accessing the system via SSH always requires authentication, regardless of the settings here.

Authentication Type

Users can choose from Password or Certificate authentication. This setting can be combined with Central Authentication (separate tab) to authenticate through your domain server. Enabling Certificate authentication requires further configuration on the Certificates tab.

Encrypt API

This option encrypts non-HTTP[S] traffic.

  • Streaming data (NetAcquire I/O, aka NAIO), including publish/subscribe (NAPS)
  • CORBA API communications

HTTPS

This option encrypts all web traffic and is required to enable certificate authentication. By default, the system will generate a self-signed, but insecure server certificate.

Note: To configure the server with your own secure certificate (strongly recommended), please refer to the Certificates tab and the server manual’s instructions.

Other Settings

A variety of settings can be configured using the Security Manager. A brief summary:

  • SSH – communications reliant upon SSH
  • Local Passwords – security controlling passwords such as strength, expiration, etc.
  • FTP – Enables non-secure FTP, SFTP can be found in the SSH section
  • HTTP – Apache logging
  • Server Discovery – enable/disable mDNS/DNS-SD
  • Command Line Sessions – security and messages for SSH
  • Security Markings – enable/disable and set security display banners

Security

Is NetAcquire a good fit for your project?

Our applications engineers will discuss your needs and offer advice and pricing for the solutions we can provide.
NetAcquire provides quick responses to phone and email queries during Pacific Time business hours.

Call us toll free: 888-675-1122 or email [email protected]

For Employment, Business Affairs and other NetAcquire Contacts, CONTACT US

NetAcquire Corporation