CYBERSENTRY

The CyberSentry Embedded Security feature is a software option that provides advanced

security services. When the software option is purchased, the Basic Security is

automatically disabled.

CyberSentry provides security through the following features:

• An Authentication, Authorization, Accounting (AAA) Remote Authentication Dial-In

User Service (RADIUS) client that is centrally managed, enables user attribution, and

uses secure standards based strong cryptography for authentication and credential

protection.

• A Role-Based Access Control (RBAC) system that provides a permission model that

allows access to 889 device operations and configurations based on specific roles

and individual user accounts configured on the AAA server. At present the defined

roles are: Administrator, Operator and Observer.

• Strong encryption of all access and configuration network messages between the

EnerVista software and 889 devices using the Secure Shell (SSH) protocol, the

Advanced Encryption Standard (AES), and 128-bit keys in Galois Counter Mode (GCM)

as specified in the U.S. National Security Agency Suite B extension for SSH and

approved by the National Institute of Standards and Technology (NIST) FIPS-140-2

standards for cryptographic systems.