Index | Prev | Next

Advanced Options

This selection from the Platform Administration view differs slightly depending on which type of JACE platform is accessed.

Advanced Options for NiagaraAX JACE platforms

For NiagaraAX JACE platforms, this dialog appears to enable/disable FTP, Telnet, and Daemon Debug functions, as shown. For Windows-based hosts, you typically use Windows “Remote Desktop Connections” instead.

Figure 61.   Advanced Platform Options dialog
Image

As factory-shipped, a QNX-based NiagaraAX JACE, has the FTP and Telnet service disabled -- this may be best, especially if the platform is exposed to the public Internet. However, in some cases you may wish to temporarily enable one or both services, perhaps to facilitate debugging.

 
CAUTION: FTP and Telnet pose security risks. We strongly recommend you keep each one disabled, unless otherwise directed by Systems Engineering.
 

Note that Telnet access to a QNX-based JACE controller provides "system shell" access, providing (after login using platform credentials) the same menu as "serial shell access" to its RS-232 port. For related details, see the "System shell" section in the JACE NiagaraAX Install & Startup Guide.

You can also change the TCP/IP port used by each service from the "well-known" port to some other port. However, be sure that any firewalls being used on your network will allow traffic to that port.

Advanced Options for Niagara 4 platforms

For Niagara 4 JACE platforms, such as the JACE-8000, this option is available to enable, disable, or configure SFTP (Secure File Transfer Protocol) or SSH (Secure Shell Protocol) access. For Windows-based hosts, you typically use Windows “Remote Desktop Connections” instead.

Figure 62.   Advanced Platform Options dialog
Image
 
NOTE: This replaces an “FTP/Telnet” selection available for QNX-based JACE platforms running NiagaraAX, which are both inherently less secure services.
 

As factory-shipped, a Niagara 4 JACE controller has the SFTP and SSH service disabled — which protects against platform exposure to the public Internet. However, in some cases you may wish to temporarily enable the single port shared by these services, perhaps to facilitate debugging.

 
CAUTION: Even SFTP and SSH pose security risks. Before enabling, we strongly recommend you configure for platform SSL only, and keep this function disabled, unless otherwise directed by Systems Engineering.
 

Note that SSH access to a JACE controller provides “system shell” access, providing (after login using platform credentials) the same menu as “serial shell access” to its RS-232 port. For related details, see the “System shell” section in the JACE Niagara 4 Install & Startup Guide.

You can also change the TCP/IP port shared by these services from the “well-known” port to some other port. However, be sure that any firewalls being used on your network will allow traffic to that port.

Related Links

  • Platform Administration (Parent Topic)

    • Index | Prev | Next

    Copyright © 2000-2016 Tridium Inc. All rights reserved.