Before You Start
Before beginning the process of hardening a Makito X Series device, make sure you have the following:
- a trusted computer from which to issue hardening commands to the device,
an Ethernet or serial cable (available on some encoder models) to establish the trusted-computer-to-device connection,
Note
Some devices have a serial port, while others do not. See the associated installation or quick start guide.
- password policy criteria, including minimum password length, minimum number of uppercase/digits/symbols, and expiration period (in days),
- session policy criteria, including the period of inactivity (in minutes) after which an administrative user should be automatically logged out,
- account policy criteria, including the period of inactivity (in days) after which an account should automatically be disabled,
- an organization cryptographic policy, if any; users can either consult the compliance profile to find one that matches, or can define a custom profile,
- a username and password chosen for the initial Administrator account,
- an X.509 certificate (preferred); as an alternative, a self-signed, self-generated certificate can be used for the hardening procedure,
- an Ethernet cable to establish a network connection,
- a static IP address, network mask, and gateway address for the device, or a DHCP server IP address,
- an NTP server IP address and time zone,
- a host name for the device,
- a domain name and DNS server address, if any, and
- an audit (
syslog
) server address and its root CA certificate.