New Login Process for Managed Devices
Beginning January 1, 2020 there will be a new login process for managed devices to better prevent the creation of botnets.
A botnet is a collection of devices attached to the Internet and under the control of a third party. Botnets are typically used for malicious purposes, such as denial of service attacks. To create a botnet, someone must take control of these Internet-connected devices, for example home routers or IP cameras. Unfortunately, this is simple because many people connect devices to the Internet without changing the default passwords.
A lot of effort has been put into discovering and destroying botnets, but until now very little effort has been put into preventing their creation. This is about to change. Across the world, countries are in the process of defining regulations to prevent the creation of botnets.
Belden has its part to play in the fight against botnets. Beginning January 1, 2020 we will only deliver products running software which complies with upcoming legislation. The following products will benefit from the changes:
Every device will be delivered with a unique password. There will be no default passwords.
All Other Managed Hirschmann and GarrettCom Devices
The default administrator User Name/Password combination will be valid for one-time use. Users will be required to change the device password during the first login, before the user interface can be accessed. There will be no default read-only user.
Network Management Software
Industrial HiVision (licensed) and HiView (free of charge) will be updated to include an optional bulk password change function. This will allow a device’s password to be changed when the IP address is set. As a result, multiple devices can be secured with minimal effort.
Previous Software Versions
To ensure compliance, devices will only be delivered with software versions released from January 2020 onwards. As is the case today, previous versions will be available for download online. Devices running previous versions can be updated without requiring a later password change.