The TLS4 Series consoles come with security features allowing for greater protection and control of access to the Automatic Tank Gauge. Features such as configurable user access and segmented network ports help ensure both network and front-panel security.
This update covers:
- User and Roles Admin
- Create User Accounts
- Custom Roles
- System Security
- Front Panel Security
- Serial Command Port (TCP/IP Interface)
- SSH Port
- Serial Command Over SSH
- HTTPS Port
- User Admin Via Web
- Router and Network Switch
Create User Accounts & Custom Roles
All TLS4 Series consoles come preconfigured with three roles: Administrator, Operator and Regulator. Additional custom roles can be programmed.
Menu --> System Administration --> Roles Admin
• Administrator: This role gives full access to the console – including the ability to create new roles and users.
• Operator: This role allows the user to view and generate reports and perform certain manual functions, such as starting a manual line or tank test.
• Regulator: This role allows the user to print and view console reports.
Note: Users assigned to the Regulator role cannot be deleted.
To add a Custom role, select Actions --> Add New Role
The Custom role allows each individual screen to be viewable, editable or not accessible. For example, in Setup under the Automatic Events section, each option can be customized:
Veeder-Root strongly recommends creating an Administrator account with a unique password. This will disable the default username and password.
Note: When using the Plus View or Remote View apps, the same login credentials are used.
The TLS4 Series consoles have optional security features to enhance protection in addition to front panel security that requires a username and password, when enabled.
Front Panel Security: When disabled, all users can access all screens with no password required. When enabled, users must login with a password to gain access to the screens they’re allowed to view.
Serial Command Port (TCP/IP Interface): When disabled, the console will not accept any serial commands sent through a telnet session.
Note: This will not block all traffic on the TCP/IP port. It will only block serial commands.
SSH Port: When disabled, all traffic on the SSH port will be blocked.
Serial Command Over SSH: For the SSH Public Keys feature to work, this port and the SSH port must be enabled. By default, this port is disabled.
HTTPS Port (Web Access): When disabled, all traffic on the HTTPS port will be blocked. This will prevent access to the web portal, and the Plus View and Remote View apps.
User Admin via Web: When disabled, the System Administration screens will be blocked from the web portal – access to these two screens will only be available on the console’s front panel.
Router or Network Switch
Most routers or network switches have additional features allowing ports to be enabled or disabled. Contact device manufacturers or internet service providers (ISPs) for more information.