Secure Operation

To ensure proper and safe operation of the IACBOX it is necessary to keep a couple of factors in mind.
In this section of the manual we take a look at all the little and all the great things that make operating the IACBOX more safe for everybody.

Deployment #

We recommend to operate the IACBOX behind a Firewall at all times.
The required ports for smooth operation are:

If a public IP is being used for the IACBOX, activate the Management-LAN and deactivate the WebAdmin access on the Office-LAN(WAN).

This way the WebAdmin access is kept restricted to internal networks.
That does not mean, that the IACBOX cannot be administered remotely!

The Central Services module as well as the brandnew Cloud Remote Access contained in the cloud module will still allow for remote administration.

Access / Authentication #

Change the password of the sysop user after the IACBOX has been installed for the first time.
Logging in with the sysop user and the sysop default password will redirect to the WebAdmin user account page where changing the password is possible.

Alternatively the Account page can be found by clicking on the User-Icon on the top right of the WebAdmin:

The same menu can be used to set up 2-Factor-Authentication to add an additional layer of security on WebAdmin logins.

WebAdmin User Permissions should also be inspected and configured according to requirements.

Operations #

Create regular backups either manually or automatically.
Automatic remote backups ensure that data is backed up regularly and can be restored quickly in case of failure.

Monitor the system via SNMP.

Keep auto-updates switched on to receive regular security and feature updates as well as bugfixes.
Online Update settings can be found in the WebAdmin System/Online update menu.