Environment and Identification
Last updated on Feb 19, 2021
The figure below shows an overview of the operational environment of the Makito X encoder and decoder. Sources for video, audio and metadata are connected directly to the encoder. In addition, an administrative user may connect a trusted computer directly to the encoder or decoder to initiate a management session using the Command Line Interface (CLI) or the Web User Interface. A network connection enables communications between the encoder/decoder and various other devices and users.
Makito X Series Operational Environment
The hardening procedure described in this document is designed to provide effective security in a trusted, non-hostile environment only if it is installed, managed, and operated as directed in this guide and the associated User's Guide. The following conditions are assumed to exist:
- Physical Security — The encoder and/or decoder must be located in an area subject to access controls in order to prevent unauthorized physical access as well as modification to the hardware and software critical to the enforcement of security policies. In addition, all systems with which the encoder and/or decoder communicates, and the communication paths, are assumed to be compliant with the same security policies.
- Flow of Information— All unsecure network connections are within controlled access facilities. The encoder or decoder is only accessed through its authorized access points. The encoder or decoder will only be connected to a trusted time source and/or audit server, and regularly checked by an authorized administrator.
- Personnel — Only competent, authorized, trusted administrators are assigned to manage the encoder or decoder. Administrators are not negligent or hostile, and will follow the instructions provided in this guide. All authorized users are trained in the protection of their own data, and are expected to act in a manner that respects security policies.
Saved changes to the security configuration will survive a reboot, power cycle, and firmware upgrade. However, pressing the factory reset button will reset the security configuration to the configuration shipped from factory (with the exception of the Snapshot feature of the Makito X encoder, which, if disabled, will remain so). Upon factory reset, you must reapply this hardening procedure to a Makito X to bring it back to a secured state.
This document assumes you are applying the hardening procedure to an encoder or decoder at its factory default state. If you wish to harden a Makito X that has already been configured in some way, we recommend that you reset it to its factory default state. Refer to "Resetting the Encoder" or "Resetting the Decoder" in the associated User's Guide.