The ability to encrypt the communications path is needed when that path includes a network that is shared and carries other data. In the case of a serial connection, intercepting the data requires physical access to the communication wires, so encryption is typically not required. The Doors.NET™ system can encrypt the data between the Application Server and the Gateways/Clients, and also between the Gateway and the Controllers. These two links are independent of each other and can use different encryption algorithms and bit strengths.
Encryption capabilities are implemented in two areas: network socket communications between the Application Server and all incoming connections, and the Gateway communications to each controller connected to that Gateway.
The encryption options for the network sockets are:
Data security for connections between the controllers and the Gateway is provided by the full implementation of the Federal Information Processing Standard, FIPS-197, utilizing the Advanced Encryption Standard (AES), also known as Rijndael, a symmetric encryption algorithm. FIPS-197 supersedes the aging Data Encryption Standard (DES) defined in FIPS-46-3. The common notation AES followed by a numeric suffix indicates the particular key size used in the implementation. AES-128 indicates the use of a 128-bit key and is the algorithm/bit strength supported between the controller and the Gateway. A thorough description of the AES algorithm can be found in NIST-197.
Enabling the data security feature ensures that panels can only connect to the correct gateway. If other SCP gateways are present on the system, panels with data security enabled will not connect to them.
To set up the feature:
Navigate to the “Host Comm” page.
In the “Data Security” field, select either “TLS Required” or “TLS if Available”.
Click on “Accept” to save the entry, then navigate to “Apply Settings” to reboot the panel.
Go back to the panel properties page in Doors.NET – hardware. In the “Misc\Communications” field you will see the panel as “Online (Encrypted)”.