BASIC SECURITY

The basic security feature is present in the default offering of the 889 relay. The

889 introduces the notion of roles for different levels of authority. Roles are used as login

names with associated passwords stored on the device. The following roles are available

at present: Administrator, Operator, Factory and Observer, with a fixed permission

structure for each one. Note that the Factory role is not available for users, but strictly used

in the manufacturing process.

The 889 can still use the Setpoint access switch feature, but enabling the feature can be

done only by an Administrator. Setpoint access is controlled by a keyed switch to offer

some minimal notion of security.

CYBERSENTRY

The CyberSentry Embedded Security feature is a software option that provides advanced

security services. When the software option is purchased, the Basic Security is

automatically disabled.

CyberSentry provides security through the following features:

• An Authentication, Authorization, Accounting (AAA) Remote Authentication Dial-In

User Service (RADIUS) client that is centrally managed, enables user attribution, and

uses secure standards based strong cryptography for authentication and credential

protection.

• A Role-Based Access Control (RBAC) system that provides a permission model that

allows access to 889 device operations and configurations based on specific roles

and individual user accounts configured on the AAA server. At present the defined

roles are: Administrator, Operator and Observer.