Security is applied by the Geo SCADA Expert servers to every client that accesses the system (ViewX, Virtual ViewX, Original WebX, third-party OPC applications, and so on.). For example, a user that accesses the system via a third-party OPC client is subject to the same restrictions as when accessing the system via ViewX.
The Geo SCADA Expert security features are designed to:
- Help protect your system against unauthorized users, both via ViewX and third-party applications
- Restrict system users to those features that are relevant to their duties so that users only make use of the features for which they have been suitably trained
- Reduce the possibility of untrained staff making inappropriate changes to the configuration of your system.
- Allocate security permissions quickly and with minimal effort.
Geo SCADA Expert Security
Geo SCADA Expert has three levels of security:
The overall security of Geo SCADA Expert is managed within the Server Configuration Tool. This tool allows you to define the default level of security for the whole system including:
- Default account settings
- External Authentication settings
- Use of secure connections
- A client access control list, which defines the number and type of clients that can connect to the server.
Each system user requires a user account to access the system. User accounts define the features that a user can access using ViewX and other client applications. You can either manage user accounts directly in Geo SCADA Expert, or remotely by associating them with Windows or LDAP (Lightweight Directory Access Protocol) user accounts.
Each item in the database can have its own security settings that define which User accounts and User Groups can access the item, and which features are available. This is called the Access Control List (ACL) for the item. A set of permissions can be allocated to each account to define which features can be accessed by users.
Third-party applications that access Geo SCADA Expert will use a configured user account or the built-in Guest user, depending on whether client security is supported by the Third Party application