January 2021
6
Pathport® OCTO - 64XX - Manual
SECURITY
BACKGROUND INFORMATION
On
January 1, 2020
, California became the first state to enforce cybersecurity and IoT related legislation. Oregon, New
York and Massachusetts are following suit. California’s law is Title 1.81.26 “Security of Connected Devices” and mandates
that we equip our products with security features that are appropriate to the nature and function of the device. By law, this
encompasses all products that are assigned Internet Protocol addresses which can connect to the Internet directly or indirectly.
Pathway Connectivity, a division of Acuity Brands, will only ship compliant devices regardless of the jurisdiction into which
they are sold.
The law requires us to either supply a unique password for our products (see
Local Configuration Only
below) or requires
the users to change the password before being able to use it (See
Creating a Security Domain
below). With Pathscape V3
and later, we provide features that protect our products from unauthorized access or use by enforcing passwords.
Pathway Connectivity does not collect or store personal information on our devices.
WHAT THIS MEANS TO YOU
1. When using products shipped after January 1, 2020, Pathscape will require a single password to allow configuration of all
the devices on your network. Since the release of Pathscape V4, all Pathway Connectivity products can be upgraded to
firmware version 6.x. It is suggested you upgrade your devices to take advantage of the most recent security improvements.
2. Products shipped before January 1, 2020, devices with version 3.x and 4.x firmware will continue to function without
passwords using either Pathscape version 3 or 4.
3. All products shipped after January 1, 2020 may only be configured using Pathscape 4 or later.
4. Products shipped after January 1, 2020 cannot be downgraded to earlier password-free firmware.
Using the
Tools >
Firmware Updater
dialog (see later in the manual for instructions), devices manufactured before
January 1, 2020 may show newer firmware versions, but using the
Select Latest
button will not select the latest. These
devices do not have a method, like a front panel, to factory default them. You can manually select the latest firmware using
the
Select Firmware
button, but do
not forget the new password
as you cannot factory default them.
We highly recommend printing the Password Recover PDF when creating a Security Domain so you can reset
lost passwords.
5. Products that are fully configurable from the front panel can enter
Local Configuration Mode
(
Read-Only mode
). This
allows them to be configured locally, but not over the network.
6. You will be encouraged to print or save a recovery key in case you lose the password. Do so when setting up your Security
Domain. It is the
only chance
you’ll get to save/print/see this Recovery Key.
7. If you lose the password and lose the recovery key, you will manually have to factory default each device on the network.
See the resource section of the Pathway website for a comprehensive document describing how to manually factory
default all our devices.
8. The complete network configuration may be saved without a password before factory defaulting devices. Applying the
saved configuration will require a new password to be set for the network.
9. Configuring our devices to receive unsecured protocols such as sACN and Art-Net will require you to accept the risks.
See WARNING BOX regarding unsecured protocols below.
By default, all Pathway Connectivity products sent and/or receive Pathway ssACN which is an authenticated method of
transporting the E1.31 protocol within a Security Domain.
Summary of Contents for Pathport OCTO 64 Series
Page 7: ......