manualshive.com logo in svg

Honeywell SmartVFD, Operating Manual

The Honeywell SmartVFD is a cutting-edge variable frequency drive that provides efficient and reliable motor control. Enhance your operations with this advanced technology by accessing the detailed Operating Manual, available for free download at 88.208.23.73:8080. Explore its features and optimize your system performance effortlessly.

Share
Download
background image

SMARTVFD SECURITY GUIDE

5

31-00140—01

User accounts

Securing access to the operating system

The SmartVFD Drive Care Tool does not use Windows user 
accounts for application security; Windows user accounts 
are used to secure access to the operating system and still 
provide a very valuable layer of protection. Ensure that 
only authorized users have access to computers.

Windows user accounts and passwords

Access is gained to the Windows operating system by 
logging onto the computer using a user account name 
and password. This is true for both local and remote 
terminal services access. Because user accounts may be 
well known or easily guessed within an organization, the 
password becomes the prime vehicle for authentication. 
User account and password policies are therefore 
important security measures.

User and password policies and settings

Since users are not authenticated using Windows, 
configure any PC application with access to the SmartVFD 
so that each user has a unique login name and password. 
Ensure that when an employee, or any other user with 
permanent or temporary access, leaves the organization 
or no longer needs access, their user accounts are 
disabled. For example, when a subcontractor is on the job 
working on the SmartVFD HVAC system, they are given 
access to the system. Monitor their access while the work 
is in progress and then disable their credentials once the 
work is complete. In addition, because SmartVFD software 
is available using a browser, ensure that the SmartVFD 
user account is also disabled.

Follow Windows user and password policies to secure 
access to the operating system that has application 
access to the SmartVFD. As a general rule:
• Review user accounts on a regular basis.
• Disable or delete all unused accounts.
• Disable all anonymous accounts
• Disable all guest accounts.

Configure password policies so that Windows account 
passwords are difficult to guess and they are changed 
often. The following settings are suggested:
• Maximum password age set to 45 to 90 days - this 

forces the choice of a new password after this time. 
Configure the setting for the Administrator account 
shorter than a normal system user. A maximum of 30 
days is recommended.

• Minimum password age set to 1 to 5 days- this 

prevents cycling passwords too rapidly.

• Minimum password length set to 11 characters - This 

improves encryption and makes guessing harder. Using 
several words to form a phrase can make a stronger 
password that is also easier for the user to remember. 
For example, "My dog Fido has 50 fleas!" is a much 
stronger password, and much easier to remember, than 
"X$9d8oc-@Ek".

• Enforce password history set to 24 passwords 

remembered - This prevents reuse of the same 
password too quickly.

• Password must meet complexity requirements set to 

enabled improves encryption and makes guessing 
harder. Suggest requiring at least three of the following: 
Uppercase Character, Lowercase Character, Number, 
and Special Character.

• Store passwords using reversible encryption set to 

disabled - this prevents passwords from being stored in 
(the equivalent of) clear-text.

• Account lockout threshold set to 5 invalid logon 

attempts - this prevents continual password guessing 
by disabling an account after the specified number of 
attempts. Consider disabling account lockout for 
operator (or other user) accounts where denial of 
service or loss of view would be detrimental to safety or 
the continued operation of the facility.

• Account lockout duration set to 30 minutes - this 

specifies the period of time during which a user will not 
be able to log on following an account lockout. (Note 
that the administrator can re-enable the account 
before the expiration of the specified lockout period.)

• Reset account lockout counter after 29 minutes --- this 

sets the time before the account lockout is reset to zero. 
For example, with the account lockout set at 10, and the 
lockout counter set at 29 minutes, lockout will occur if 
there are 10 invalid logon attempts within 29 minutes. 
Note that the lockout counter must be less than the 
lockout duration.

Service and primary workstation 
accounts

Run Windows services and PC browser required by 
SmartVFD commissioning software under an account with 
the lowest possible set of privileges. The following classes 
of accounts are suggested in order of preference:
• Local service accounts.
• Local accounts with minimum rights.
• Domain accounts with minimum rights.
• The Network Service account.
• Local or domain user accounts belonging to the Local 

Administrators group.

• The local system account.

Monitoring and logging

System monitoring

Diligent system monitoring will help guard your system 
against unauthorized access. However, there is always the 
possibility that an attacker will succeed in circumventing 
all the safeguards and compromise the system. If this 
happens, it is important to discover the breach and 
prevent further damage as rapidly as possible. The earlier 
a system breach is detected and the more evidence that is 
captured, then the less damage is likely to occur and the 
greater the chances of identifying the intruder.

Summary of Contents for SmartVFD

Page 1: ...scribed and used by the SmartVFD The SmartVFD has multiple communication protocol options Typically only one communication protocol is chosen to interface with the SmartVFD in any given installation SYSTEM DESIGN AND PLANNING This section contains information on activities that need to happen when the system is being planned by the contractor Physical Security of Components It is important to have...

Page 2: ...rough the use of an access code settable on the keypad parameter P8 1 and P8 2 Access to the SmartVFD directly by PC via the Drive Care Tool software and the HVFDCDMCA hardware kit requires no password Any PC application accessing the SmartVFD via the BMS or router should be protected with a robust password See APPENDIX 3 SECURITY MAINTENANCE TASKS on page 3 PCs used to access the SmartVFD Each PC...

Page 3: ...ion best practices for SmartVFD SMARTVFD Communication Bus Lon BACnet MS TP etc Security of the bus also means that the bus is electrically reliable for communications It is important the bus is installed with one wire type consistent throughout the whole gateway to controller connection as to eliminate reflections from bus wire impedance mismatches Shielded wire is not recommended for normal inst...

Page 4: ...est real time protection for your system Configure the virus scanner to run on demand scans during regular scheduled maintenance to catch any malicious files or programs which may be dormant on the computer Configure both on access and on demand scanning to Scan the boot sectors of all disks Move infected files to a quarantine directory and notify the user that an infected file was found Allow the...

Page 5: ...tronger password that is also easier for the user to remember For example My dog Fido has 50 fleas is a much stronger password and much easier to remember than X 9d8oc Ek Enforce password history set to 24 passwords remembered This prevents reuse of the same password too quickly Password must meet complexity requirements set to enabled improves encryption and makes guessing harder Suggest requirin...

Page 6: ...will reject any incoming connections by default Exceptions must be put into the firewall to allow incoming connections to succeed If not manually configured on first usage the Windows firewall will prompt the user to add a firewall exception Use the following configuration settings The firewall is on The firewall is on for all network locations Home or work Public or Domain The firewall is on for ...

Page 7: ...accessible fit locks or remove the DVD drives Disable unused USB ports to prevent USB drives or other uncontrolled devices from being connected to the system Such devices may be used to introduce a virus or other malware Also disable or physically protect the power button to prevent unauthorized use Set the BIOS to boot only from the operating system s root partition drive Set a BIOS password ensu...

Page 8: ... M S 01 18 Printed in United States By using this Honeywell literature you agree that Honeywell will have no liability for any damages arising out of your use or modification to the literature You will defend and indemnify Honeywell its affiliates and subsidiaries from and against any liability cost or damages including attorneys fees arising out of or resulting from any modification to the litera...

Reviews:

No comments

Related manuals for SmartVFD

ABB Relion REC670 Operator'S Manual preview
Relion REC670
Brand: ABB Pages: 116
ABB Relion REC670 Product Manual preview
Relion REC670
Brand: ABB Pages: 138
zipwake S Series Troubleshooting Manual preview
S Series
Brand: zipwake Pages: 12
jbc UCR Instruction Manual preview
UCR
Brand: jbc Pages: 12
IBM 1710 Manual preview
1710
Brand: IBM Pages: 72
GE PACSystems RX7i Reference Manual preview
PACSystems RX7i
Brand: GE Pages: 317
CAME Z Series Instruction Manual preview
Z Series
Brand: CAME Pages: 12
CAME G5000 Installation, Operation And Maintenance Manual preview
G5000
Brand: CAME Pages: 32
Handicare VR2 User Manual preview
VR2
Brand: Handicare Pages: 56
Rain Bird IQ Installation & User Manual preview
IQ
Brand: Rain Bird Pages: 48
Fagor 101 Operating Manual preview
101
Brand: Fagor Pages: 103
ZETRON MAX Connection Manual preview
MAX
Brand: ZETRON Pages: 3
KAR-TECH MICRO Installation And Operation Manual preview
MICRO
Brand: KAR-TECH Pages: 28
2VV AirGENIO SUPERIOR Manual preview
AirGENIO SUPERIOR
Brand: 2VV Pages: 27
SAI Connect Operation Manual preview
Connect
Brand: SAI Pages: 16
Accutrol VTS Installation & Operation Manual preview
VTS
Brand: Accutrol Pages: 25
Badger Meter MDS 2000 Installation And Software Manual preview
MDS 2000
Brand: Badger Meter Pages: 48
bar PCS Series Quick Start preview
PCS Series
Brand: bar Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

ABB AEG Acer Asus Beko Black & Decker Bosch Brother Candy Canon Cisco Craftsman D-Link DeWalt Dell Electrolux Emerson Epson Frigidaire Fujitsu GE HP Haier Hitachi Honeywell Huawei Husqvarna JVC Kenmore Kenwood KitchenAid LG Lenovo Makita Miele Mitsubishi Electric Motorola NEC Nikon Nokia Panasonic Philips Pioneer Samsung Sanyo Sharp Siemens Sony TP-Link Toshiba Whirlpool Xiaomi Yamaha Zanussi Load more brands