Step 3 - (Optional) Secure Your SmartServer

This section describes optional measures that you can take to secure your SmartServer. For example, you can optionally enhance the security of your SmartServer using the built-in signed security certificate, or by providing your own custom signed security certificate. You can also manage user access by changing, recovering, and reseting passwords. Furthermore, you can optionally disable eth0 and eth1 interface ports 1883 and 8883 using the SmartServer Configuration Firewall page. For SmartServer 4.1 and prior, the Firewall tab is called Features.

For some organizations, like the General Services Administration (GSA), that require a warning banner with specific, approved language at IT access points to the SmartServer IoT, you can customize the SmartServer home page, as well as the SmartServer CMS login window, to display this warning banner as described in this section.

Furthermore, this section describes how to configure Advanced Intrusion Detection Environment (AIDE). AIDE is an open source, Linux operating system file and directory integrity checker. Running AIDE creates a significant load on the CPU and file system and can impact system performance. In high security installations, this feature may need to enabled; otherwise, it should be disabled. For SmartServer 4.3 and higher, AIDE is disabled by default and configurable through the System Configuration page to run once a day. For SmartServer 3.5 to 4.2 Update 1, AIDE is enabled by default to run a daily cron job and can be disabled manually through an SSH console session. See Configuring Advanced Intrusion Detection Environment (AIDE) for more information. This feature is not available for SmartServer Pi.

There is also a video on the SmartServer Training Videos page that describes the tabs of the Configuration UI for the SmartServer IoT. Click here for the Configuration UI Tour video.

This section consists of the following: