COMpact 5200/5200R/5500R - Firmware V7.2 - Advanced Information V04 07/2018
177
Functions, Uses, Concepts
Protection from Unauthorised Access
Users (internal subscribers)
The user is any internal subscriber of the PBX. For each user, a user PIN is
generated. The access authorisations to the Web interface are assigned to
the user by the administrator according to local requirements. The possible
range of page releases is limited to a very small number of own subscriber
and group settings.
Each user has the same access authorisations. There modification rights
may differ depending on the profiles.
Additional app passwords for subscribers
The subscriber password is used for SIP registration and the access to the
Configuration Manager and API. Therefore, PBX access data must
frequently be saved in external systems. This will lead to security risks, if
these systems are insufficiently secured.
Therefore, additional subscriber passwords for accessing the Configuration
Manager or API or for accessing Action URLs can be generated.
If an app password has been generated for the subscriber and the corre-
sponding access authorisation has been enabled, the previous subscriber
password loses the access authorisation for the correspondig application.
All generated passwords are listed in the table under
Synthèses > Mots de
passe abonné supplémentaires
. The passwords can be generated
system-wide or for subscribers, although system-wide passwords can only
be generated for Action URLs. Subscriber passwords can be generated for
the Configuration Manager, API and for Action URLs.
Proceed as follows for configuration:
•
Configuring protection from unauthorized access.
–
Using the Configuration Manager (page
Administration > Droits
d’accès
)