NetLinx Controller Security Brief
As Audio-Visual Systems Controllers are increasingly being integrated into the network device topology of many Enterprise organizations, there is a growing need for these systems to adhere to and demonstrate compliance with broad-based Enterprise Network Security frameworks. Specific network security policies may vary by organization, and are often influenced by regulatory requirements specific to an industry or geography. Even at an organizational level, security policies may be applied with some variability across business units based on application requirements and business priorities. However, despite these variations there are a distinct set of common features and considerations inherent to a security-compliant networked AV system.
||Approved cryptographic libraries protect user identities, disclosure to unauthorized persons and provide FIPS 140-2 compliance
||Assurance of identity of person or originator of data. Provides an acceptable local password scheme and the ability to manage passwords at an enterprise level.
||Access control credentials, permissions, and logging in both internal and external directory services
Non-repudiation Manages password expiration and complexity. User authentication system enforces a strong password policy with an adjustable day password expiration
||Identity combined with an access policy grants or denies the rights to user requests for permission to access to a system asset, service, file, or function.
||A record trail of key events to assure compliance with policy. Enhanced audit ability to export logs to syslog for central security management
AMX NetLinx Controllers are continuously evaluated and improved to adhere to best practices for security-compliant networked AV systems based upon the above criteria. AV System Solutions are commonly configured with the Controller as a master supporting user interfaces and other ancillary devices, and controllers are frequently incorporated into multi-function devices providing AV switching, encoding & decoding, output scaling, or other AV system functions. In these cases, the security-compliant features incorporated into the NX controller platform enable them to contribute to best practices for Networked AV at a system-wide level.
NetLinx NX Series Controller Firmware Update
The latest firmware update available for AMX NetLinx Controller platforms is designed to enhance the security of Networked AV systems by improving upon the the Authentication, Availability, and Authorization features of security –compliant AV systems as outlined above.
Specific improvements addressed by NX v1.4.65 firmware update include:
- Added approved cryptographic libraries to protect user identities, disclosure to unauthorized persons and provide FIPS 140-2 compliance.
- Added ability to manage password expiration and complexity. User authentication system enforces a strong password policy with an adjustable day password expiration.
- Added granular mapping of privileges for defining role permissions which separate Security administration from device administration.
- Added direct mapping of multiple roles to LDAP groups (including Active Directory). Leverage enterprise user names and passwords for accessing AMX masters
- Administrator (All possible permissions) and User (View HTLM status only).
- Enhanced audit ability to export logs to syslog for central security management.
- The NX master controller can act as an SSH and HTTPS client for communication with RMS and third party devices with secure control.
- All new html5 web user interface for manging network, security, and device settings.
- Several enhancements to eliminate potential security vulnerabilities
- Removed debugging account to prevent security vulnerability
The NX v1.4.65 firmware update is applicable to products and systems incorporating the NetLinx NX Control platform:
|NX Series Controllers
|Enova® DVX All-in-One Presentation Switchers
Firmware downloads require a current login and password for the AMX Account Center to access the protected Technical Documentation and Support Materials sections of the AMX by HARMAN website. Technical Support Staff within End User organizations may contact their authorized AMX Dealer or HARMAN Professional representative for assistance.
NX Series (X200) Master, NX Series DVX-325x/225x Master, Massio ControlPads Master v.1.4.65