The Security Center Hardening Guide 5.10 includes the following new enhancements.
New topics
- (Access Control) Applying critical firmware updates to access control equipment
- (Access Control) Applying the latest cumulative security rollup available for Synergis™ units
- (Access Control) Using dedicated users with restricted privileges for connecting to Global Cardholder Synchronizer role
- (Access Control) Using secure reader connections
- (User Management) Best practices for a strong password policy
- (User Management) Deactivating the default Admin user
- (User Management) Deactivating all local users
- (Video) Rotating your camera passwords periodically
Updated topics
- (General) Stopped referencing Basic and Advanced in the same topic. All Basic tasks are included in the Advanced level.
- (Access Control) About using Global Cardholder Synchronizer
Title changed to "Using dedicated users with restricted privileges for connecting to Global Cardholder Synchronizer role".
- (Access Control) Analyzing the strength of administrator passwords on HID
controllers
Title changed to "Using strong passwords on access control units". Updated steps to combine verifying and changing passwords and added new images.
- (Access Control) Changing the default administrator password for the Synergis™ unit
Topic moved under "Using strong passwords on access control units".
- (Access Control) Enabling Secure mode on HID units.
Added content from "Enabling Secure mode when enrolling HID Units".
- (Access Control) Synchronizing the Synergis™
unit with the Access Manager
Topic moved under "Using strong passwords on access control units".
- (Access Control) Using certificates signed by a certificate authority on the Synergis™ unit
Title changed to "Using trusted certificates on Synergis™ units".
- (Access Control) Using strong passwords on access control units
Removed reference to invalid password length.
- (System) Disabling backward compatibility for the Map Manager role
Clarified that if backward compatibility is disabled, client applications that are unable to authenticate cannot view background images.
- (User Management) Enforcing strong passwords
Clarified definition for Expiry notification period and referenced the new best practices.
- (User Management) Setting passwords for Media Gateway RTSP streaming
Clarified RTSP security considerations and added information on RTSPS.
- (User Management) About configuring Federation™
users (Basic)
Revised note about the privileges granted to the Federation™ user.
- (User Management) Using Windows Active Directory Integration
Referenced the new best practices for strong passwords.
- (Video) Connecting to cameras through HTTPS
Removed incomplete list of supported camera manufacturers.
- (Video) Encrypting data in transit and at rest with fusion stream encryption
Clarified fusion stream encryption as encryption in transit and at rest.
- (Video) Enabling fusion stream encryption
Fixed procedure to match UI and added clarifications.
- (Video) Refusing basic authentication
Fixed procedure to match UI.
- (Windows) About configuring Windows securely
Title changed to "About Windows security baselines". Updated with information on SCT and the latest security baselines.
Removed topics
- (Access Control) Enabling Secure mode when enrolling HID Units
Merged with "Enabling Secure mode on HID Units".
- (Access Control) Updating firmware on the Synergis™ appliance
Merged with "Applying the latest cumulative security rollup available for Synergis™ units".
- (Access Control) Applying a cumulative security rollup to a Synergis™ appliance through Synergis™ Appliance Portal
Merged with "Applying the latest cumulative security rollup available for Synergis™ units".
- (Access Control) Whitelisting your IP addresses
Obsolete.