Before You Start

Before beginning the process of hardening a Makito X Series device, make sure you have the following:

• a trusted computer from which to issue hardening commands to the device,

• an Ethernet or serial cable (available on some encoder models) to establish the trusted-computer-to-device connection, 

  

  Note

  Some devices have a serial port, while others do not. See the associated installation or quick start guide. 

• password policy criteria, including minimum password length, minimum number of uppercase/digits/symbols, and expiration period (in days),
• session policy criteria, including the period of inactivity (in minutes) after which an administrative user should be automatically logged out,
• account policy criteria, including the period of inactivity (in days) after which an account should automatically be disabled,
• an organization cryptographic policy, if any; users can either consult the compliance profile to find one that matches, or can define a custom profile,
• a username and password chosen for the initial Administrator account,
• an X.509 certificate (preferred); as an alternative, a self-signed, self-generated certificate can be used for the hardening procedure,
• an Ethernet cable to establish a network connection,
• a static IP address, network mask, and gateway address for the device, or a DHCP server IP address,
• an NTP server IP address and time zone,
• a host name for the device,
• a domain name and DNS server address, if any, and
• an audit (syslog) server address and its root CA certificate.