TAC Vista Bedienungsanleitung
High Security Systems
Technical Manual
High Security Systems
Technical Manual
Copyright © 2006 TAC AB. All rights reserved.
This document, as well as the product it refers to, is only intended for licensed users. TAC AB owns the copyright of this document and reserves
the right to make changes, additions or deletions. TAC AB assumes no responsibility for possible mistakes or errors that might appear in this
document.
Do not use the product for other purposes than those indicated in this document.
Only licensed users of the product and the document are permitted to use the document or any information therein. Distribution, disclosure,
copying, storing or use of the product, the information or the illustrations in the document on the part of non-licensed users, in electronic or
mechanical form, as a recording or by other means, including photo copying or information storage and retrieval systems, without the express
written permission of TAC AB, will be regarded as a violation of copyright laws and is strictly prohibited.
Trademarks and registered trademarks are the property of their respective owners.
High Security Systems, Technical Manual Contents
TAC AB, Nov 2006 5 (20)
04-00007-01-en
Contents
1 About this Manual 7
1.1 Typographic Conventions .......................................................................................... 8
2 Basic Demands 9
2.1 System Topology and Configuration ......................................................................... 9
2.1.1 TAC Xenta Protection................................................................................................ 11
2.1.2 Functional Description ............................................................................................... 11
3 User's Guide for System Configuration 13
3.1 Setting up Windows Accounts in TAC Vista. ........................................................... 15
4 Setting up Access Control Protection of Objects in the TAC Vista Database 17
Contents High Security Systems, Technical Manual
6 (20) TAC AB, Nov 2006
04-00007-01-en
High Security Systems, Technical Manual 1 About this Manual
TAC AB, Nov 2006 7 (20)
04-00007-01-en
1 About this Manual
This manual describes a particular process. For information on certain
products, we refer you to the manual or the Help for the product in ques-
tion.
For information on how to install software, we refer you to the instruc-
tions delivered with the software.
For information on third party products, we refer you to the instructions
delivered with the third party product.
If you discover errors and/or unclear descriptions in this manual, please
contact your TAC representative.
Note
We are continuously improving and correcting our documentation.
This manual may have been updated.
Please check our Docnet site at www.tac.com for the latest version.
1 About this Manual High Security Systems, Technical Manual
8 (20) TAC AB, Nov 2006
04-00007-01-en
1.1 Typographic Conventions
Throughout the manual the following specially marked texts may occur.
!
Warning
Alerts you that failure to take, or avoid, a specific action might result
in physical harm to you or to the hardware.
Caution
Alerts you to possible data loss, breaches of security, or other more
serious problems.
Important
Alerts you to supplementary information that is essential to the com-
pletion of a task.
Note
Alerts you to supplementary information.
Tip
Alerts you to supplementary information that is not essential to the
completion of the task at hand.
Advanced
Alerts you that the following information applies to complex tasks or
tasks restricted by access.
High Security Systems, Technical Manual 2 Basic Demands
TAC AB, Nov 2006 9 (20)
04-00007-01-en
2 Basic Demands
The basic demands of the system are to fulfil the following require-
ments:
• Data security – Data security ensures that raw data collected by
the system is not corrupted or distorted during transport from the
sensor to a secure database. The raw data includes both the actual
values and the time stamps of these values.
• Data integrity – Data integrity ensures that raw data in the secure
database cannot be compromised, manipulated or altered acciden-
tally or intentionally by any user of the system. This also covers
the transport of values from the sensors to the secure database.
• System reliability – System reliability ensures that a single point
of failure in the system is not fatal for the continuous recording of
raw data in the secure database.
2.1 System Topology and Configuration
The system requires a Windows domain controller to administer users
and user groups.
The server has to be run under a domain account with administrative
privileges on the local computer, and be executed as a Windows service.
TAC Vista Server
Logging in the Secure
Database
Windows NT Server
Domain controller
TAC Vista Server
Supervising the Log
server
2 Basic Demands High Security Systems, Technical Manual
10 (20) TAC AB, Nov 2006
04-00007-01-en
The Vista server should be configured to accept Windows user authori-
zation only. This means that Vista users defined in the TAC Vista data-
base cannot gain access to the system.
The disk volume of the Vista system and database should be formatted
as NTFS partitions, which enables files and directories to be protected
from changes in access. The TAC Vista database directories (object
database and event log database) should be protected from changes in
access by normal users, but of course be fully accessible by the account
running the TAC Vista server. An automatic function of the TAC Vista
server provides this protection.
The TAC Vista servers should be configured to perform scheduled
backup automatically. The backup files should be directed to a shared
directory on the server. The server should be scheduled to create these
backup files on a write-only medium such as a CD-ROM. A stand-alone
TAC Vista and Server can be installed on the server to view the backups
made.
TAC Vista database objects that are critical to the requirements of data
security during data logging, should be protected from being changed
by the users of TAC Vista. Only one user account should be registered
as the Owner of the TAC Vista database. No user should be given the
right to change access to TAC Vista objects. Only the owner has the
right to make changes. Protected objects should include:
• Sensor objects in data log definitions
• Data log definition objects
• Event log definition object
• Alarm objects reporting conditions on hardware involved in log-
ging data
• Database Backup definition objects
• Time event objects controlling automatic backup
• Xenta outstation objects
The owner account should be protected from intrusion by using pass-
word expiration and maximum logon attempts in Windows. The server
should be set up to log invalid logon attempts.
The Vista has to be set up to create backups automatically at regular
intervals. The log database definitions in Vista have to define cyclic
logs. It is the creation of backups that secures the data. The hard disk
storing the TAC Vista database should have sufficient capacity to cover
a full cycle of all data logs and the event logs.
At least two Vista servers have to be running permanently on the net-
work. They have to be configured so that if one fails, the other sends an
alarm to a permanently manned site.
The TAC Xenta should be programmed to store eight days of data on a
rolling re-writeable cycle. The TAC Xenta is capable of storing eight
Inhaltsverzeichnis
Beliebte Sicherheitssystem Handbücher anderer Marken
EDM
EDM Solution 6+6 Wireless-AE Bedienungsanleitung
Highway Safety Group
Highway Safety Group EA401 Bedienungsanleitung
Siren
Siren LED GSM Bedienungsanleitung
Detection Systems
Detection Systems 7090i Montageanleitung
Se-Kure Controls
Se-Kure Controls MicroMini SK-4841 Bedienungsanleitung
Siemens
Siemens FDM273 Bedienungsanleitung