SmartPSS-AC Access Control Solution

User’s Manual

V1.0.5
I
 Foreword

General

This manual introduces the access control solution of SmartPSS-AC (hereinafter referred to as "the
SmartPSS-AC").

Safety Instructions

The following signal words might appear in the manual.

Signal Words Meaning

Indicates a high potential hazard which, if not avoided, will result in

DANGER death or serious injury.

Indicates a medium or low potential hazard which, if not avoided,

WARNING could result in slight or moderate injury.

Indicates a potential risk which, if not avoided, could result in

property damage, data loss, reductions in performance, or
CAUTION
unpredictable results.

TIPS Provides methods to help you solve a problem or save time.

NOTE Provides additional information as a supplement to the text.

Revision History

Version Revision Content Release Time

V1.0.5 Updated staff management function. August 2021

V1.0.4 Updated some images. March 2021

V1.0.3 Updated manual font and content about anti-passback. March 2021

V1.0.2 Added descriptions of memory mode and second unlock. August 2020

 Added first card unlock function, multi card unlock

V1.0.1 function, inter-door lock function. June 2020
 Added video viewing function.

V1.0.0 First release. May 2020

I
Privacy Protection Notice

As the device user or data controller, you might collect the personal data of others such as their face,
fingerprints, and car plate number. You need to be in compliance with your local privacy protection laws
and regulations to protect the legitimate rights and interests of other people by implementing measures
which include but are not limited: Providing clear and visible identification to inform people of the
existence of the surveillance area and provide required contact information.

About the Manual

 The manual is for reference only. Slight differences might be found between the manual and the
product.
 We are not liable for losses incurred due to operating the product in ways that are not in compliance
with the manual.
 The manual will be updated according to the latest laws and regulations of related jurisdictions. For
detailed information, see the paper user’s manual, use our CD-ROM, scan the QR code or visit our
official website. The manual is for reference only. Slight differences might be found between the
electronic version and the paper version.
 All designs and software are subject to change without prior written notice. Product updates might
result in some differences appearing between the actual product and the manual. Please contact
customer service for the latest program and supplementary documentation.
 There might be errors in the print or deviations in the description of the functions, operations and
technical data. If there is any doubt or dispute, we reserve the right of final explanation.
 Upgrade the reader software or try other mainstream reader software if the manual (in PDF format)
cannot be opened.
 All trademarks, registered trademarks and company names in the manual are properties of their
respective owners.
 Please visit our website, contact the supplier or customer service if any problems occur while using
the device.
 If there is any uncertainty or controversy, we reserve the right of final explanation.

II
 Table of Contents

Foreword............................................................................................................................................................ I
1 Overview ........................................................................................................................................................ 1
2 Access Guide .................................................................................................................................................. 2
3 Personnel Management ................................................................................................................................ 3
3.1 Department Management ...................................................................................................................................................... 3
3.2 Staff Management...................................................................................................................................................................... 3
3.2.1 Card Type Setting .......................................................................................................................................................... 4
3.2.2 Adding Staff ..................................................................................................................................................................... 4
3.2.3 Issuing Card in Batches ................................................................................................................................................ 9
3.2.4 Exporting Staff Information .....................................................................................................................................10
3.2.5 Searching for Staff .......................................................................................................................................................10
3.2.6 Staff Displaying.............................................................................................................................................................11
3.3 Permission Configuration......................................................................................................................................................11
3.3.1 Adding Permission Group ........................................................................................................................................11
3.3.2 Configuring Permission .............................................................................................................................................13
4 Time Template Setting ................................................................................................................................ 14
5 Advanced Functions Configuration ........................................................................................................... 17
5.1 First Card Unlock.......................................................................................................................................................................17
5.2 Multi Card Unlock .....................................................................................................................................................................18
5.3 Anti-passback.............................................................................................................................................................................20
5.4 Inter-door Lock ..........................................................................................................................................................................21
6 Access Controller Configuration ................................................................................................................ 23
7 Viewing Historical Event ............................................................................................................................. 26
8 Access Management.................................................................................................................................... 28
8.1 Remotely Opening and Closing Door ...............................................................................................................................28
8.2 Setting Always Open and Always Close...........................................................................................................................29
8.3 Resetting Door Status .............................................................................................................................................................29
Appendix 1 Cybersecurity Recommendations ............................................................................................. 30

III
 1 Overview
The access control solution is used with the access control devices through SmartPSS-AC platform,
which is helpful in small and medium scenarios such as controlling doors remotely and configuring
alarms.

1
 2 Access Guide
You can quickly use the common functions of access control here.
Step 1 Select Access Control Solution in the left bar.
Step 2 Click Access Guide on the homepage.
The guide bar is displayed at any functions.
Step 3 Configure functions in the order from top to bottom and from left to right. For details about
how to use these functions, see the corresponding chapters.
Figure 2-1 Access guide

Table 2-1 Functions of access guide

Functions Description
Device Manager For details, see SmartPSS-AC_General_User's Manual.

Personnel Manager For details, see "3 Personnel Management."

You can set time template, configure parameters of anti-pass back,

Time Template
configure access controller and view historical event."
Permission Group For details, see "3.3 Permission Configuration."

Access Manger You can control door remotely. For details, see "8 Access Management."

2
 3 Personnel Management
You can manage department information and staff information.

3.1 Department Management

You can add, modify or delete department. Here takes the department adding as an example.
Step 1 Select Personnel Manager on the homepage.

Step 2 (Optional) Select the company and click to modify company information, such as region,

email and website.

Step 3 Click in the Department List to add.
Step 4 Select a superior department, and then add a new sub-department. Click OK to confirm.
Figure 3-1 Add department

Figure 3-2 Add department information

Step 5 (Optional) Click in the Department List to delete.

Step 6 (Optional) Select the department and click in the Department List to modify.

3.2 Staff Management

You can add personnel information, issue cards, export personnel information to local, and freeze
cards.

3
3.2.1 Card Type Setting
Before issuing card, set card type first. For example, if the issued card is ID card, select the type as ID
card.

 The system uses hexadecimal card number by default. Click to change to decimal card
number.
 When the card number type is changed, the card number in the Access Manger, user's card,
and History Event will also be changed.
Figure 3-3 Set card type

3.2.2 Adding Staff

Select one of the methods to add staff.
 Add staff one by one manually.
 Add staff in batches.
 Extract staff information from other devices.
 Import staff information from the local.

Adding Staff One by One Manually

Step 1 Click Personnel Manger > User > Add.
Step 2 Add basic information of staff.
1) Select Basic Info.
2) Add basic information of staff, upload picture, and then click Finish to save.

The card number can be read automatically or filled in manually. To automatically read
card number, select the card reader next to Card No., and then place the card on the
card reader. The card number will be read automatically.

4
 Figure 3-4 Add basic information

Step 3 Click Personnel Manger > User > Add > Certification to add staff certification information,
and then click Finish to save..
 Configure password.
For second-generation access controllers, set personnel passwords; for other devices,
set card passwords. New passwords must consist of 6-8 digits.

For some access control devices (for example, ASI1212D model), the maximum length of
unlocking password is 6 characters. If you have configured unlocking passwords for
some devices but the passwords cannot unlock doors, change it to a 6-character
password.
 Configure card.

1) Click to select Device or Card issuer as card reader.

2) Add card. The card number must be added if the non-second generation access

5
 controller is used.
3) After adding, you can select the card as main card or duress card, or replace the card
with new one, or delete the card.

4) Click to display the QR code of the card.

 Configure fingerprint.

1) Click to select Device or Fingerprint Scanner as the fingerprint collector.

2) Add fingerprint. Click Add Fingerprint and press finger on the scanner for three times
continuously.
 Extract feature code: Click Extract to extract the face feature information from the
device.
Figure 3-5 Configure certification

Step 4 Configure permissions.

6
 Permission group is a combination of all devices supported by various solutions. After
selecting the permission group, the personnel info will be sent to corresponding device and
used for related functions of access control and attendance check. For details, see "3.3
Permission Configuration."
Figure 3-6 Permission configuration

Step 5 Click Finish.

Step 6 (Optional) If the user that you added has face unlock permission of a device (for example,
ASI1212D model) with IR face feature function, and if you want to grant the user face unlock
permission of other devices with IR face feature function, do the following operations.
1) Click on the right of the user.
2) Click the authentication tag on the pop-up interface.
3) Click .
4) Select devices that are with face features of the user.
5) Click OK and then click Extract.
The user can unlock with faces on the selected devices that are with IR face feature
function.

Adding Staff in Batches

Step 1 Click Personnel Manger > User > Batch Add.
Step 2 Select card reader and the department of staff. Set the start number, end number of card,
effective time and expired time of card.
Step 3 Click Issue and the card number will be read automatically.
Step 4 Click OK.

7
 Figure 3-7 Add staff in batches

Step 5 In the list of staff, click to modify information or add details of staff.

Extracting Staff Information from Other Devices

Step 1 Click Personnel Manger > User > Extract.
Step 2 Select the needed device, and click OK.

8
 Figure 3-8 Devices with staff information

Step 3 Select the needed staff information, and click Extract.

Step 4 In the list of staff, click to modify information or add details of staff.

Importing Staff Information from Local Storage

Step 1 Click Personnel Manger > User > Import.
Step 2 Import staff information according to instructions.

3.2.3 Issuing Card in Batches

You can issue cards to staff who have been added but have no card.
Step 1 Select Personnel Manager > User.
Step 2 Select the needed staff and then click Batch Issue Card.
Step 3 Issue card in batches. Card No. can be auto read by card reader or entered manually.
 Auto read
1) Select card reading device, and then click Issue.
2) According to the order list, put the cards of the corresponding staff on card reader in
sequence, and then the SmartPSS-AC will auto read the card No..
3) Modify staff info, such as start time and end time for card validation.
 Enter manually
1) Select staff in card list and enter the corresponding card No..
2) Modify staff info, such as start time and end time for card validation.

9
 Figure 3-9 Issue card in batches

Step 4 Click OK.

3.2.4 Exporting Staff Information

Select the staff information which needs to be exported, and then click Export to export all staff
information to local.

3.2.5 Searching for Staff

Search for staff who meet the conditions, according to ID, name or card.
Figure 3-10 Search for staff

10
3.2.6 Staff Displaying
You can select display modes: card display and list display; and you can also edit department and
valid time of users in batches.
Figure 3-11 Card display

Figure 3-12 List display

Figure 3-13 Edit department

3.3 Permission Configuration

3.3.1 Adding Permission Group

Step 1 Click Personnel Manger > Permission Configuration.

Step 2 Click to add a permission group.

Step 3 Set permission parameters.

1) Enter group name and remark.
2) Select the needed time template.

11
 For details of time template setting, see SmartPSS-AC_Access Control Solution_User's
Manual.
3) Select the corresponding device, such as door 1.
Step 4 Click OK to save operations.

Step 5 (Optional) Click to delete group.

Step 6 (Optional) Click to modify group info.

Step 7 (Optional) Double-click permission group name to view group info.
Figure 3-14 Add permission group (1)

Figure 3-15 Add permission group (2)

12
3.3.2 Configuring Permission
The method to configure permission for department and for personnel is similar, and here takes
department as an example.
Step 1 Click Personnel Manger > Permission Configuration.

Step 2 Click .
Step 3 Select the department need to be configured permission.
Step 4 Click OK.
Figure 3-16

Step 5 (Optional) Click in the left navigation bar to view the authorization progress. Click

to view the details.

13
 4 Time Template Setting
Time template is to configure the working hours of access controllers, such as when to open and
when to open. The SmartPSS-AC provides 4 time templates by default. You can set new time
templates as needed.

The default templates cannot be modified.

Step 1 Click Access Configuration on the homepage. (Or select Access Guide > on the
homepage.)
Step 2 Click Add.
Step 3 Set time template.
1) Enter Template Name and description note.
2) Click Week Plan to set week plan to allow personnel to pass through during specified
periods from Monday to Sunday. Up to 4 needed time periods for each day.
There are two methods.

 Method 1: Move the cursor to the period area. When cursor is , click the periods

that are not needed, and the periods become gray and not allow personnel to pass

through. When cursor is , click the needed periods, and the periods become

green and allow personnel to pass through. Click Save.

Figure 4-1 Set week plan (method 1)

 Method 2: Click to the right of the time bar, and set time period. You can apply
the set time period to other days. Click OK and Save.

14
 Figure 4-2 Set week plan (method 2)

3) (Optional) Click to recycle the week plan.

4) Click Holiday Plan to set holiday plan. Set the time periods; click Add, enter the
holiday information on the right side of the interface, and then click OK. Select the
needed holiday in the Holiday List and click OK.

 When the week plan and the holiday plan are in conflict, the holiday plan has higher priority.
For example, if the week plan is set to allow access but the holiday plan is not, the access
controller is accessible.
 After the time template is configured, assign the permission in Personnel Manager >
Permission Configuration when selecting time template.
Figure 4-3 Set holiday plan (1)

15
Figure 4-4 Set holiday plan (2)

16
 5 Advanced Functions Configuration

5.1 First Card Unlock

Only after the specified first-card user swipes the card every day can other users unlock the door with
their cards. You can set multiple first cards. Only after any one of the users swipes the first card can
other users without first cards unlock the door with their cards.

 The person to be granted with the first card unlock permission should be the General user type
and have permission of the certain door. Set the type when adding. For details, see "3.2.2
Adding Staff."
 For details of permission assignment, see "3.3 Permission Configuration."
Step 1 Select Access Configuration > Advanced Config.
Step 2 Click the First Card Unlock tab.
Step 3 Click Add.
Step 4 Configure the First Card Unlock parameters and click Save.
Figure 5-1 First card unlock configuration

Table 5-1 Parameters of first card unlock

Parameter Description
Door Select the target access control channel to configure the first card unlock.
Timezone First Card Unlock is valid in the time period of the selected time template.
After First Card Unlock is enabled, the door is in either the Normal mode or
Status
Always Open mode.

17
 Parameter Description
Select the user to hold the first card. Supports selecting a number of users to
User hold first cards. Any one of them swiping the first card means first card unlock is
done.
Step 5 (Optional) Click . The icon changing into indicates First Card Unlock is enabled.
6) The newly added First Card Unlock is enabled by default.

5.2 Multi Card Unlock

In this mode, one or multiple groups of users have to swipe cards for an access control channel in an
established sequence to unlock the door.
One group can have up to 50 users, and one person can belong to multiple groups.
With Multi-Card Unlock enabled for an access control channel, there can be up to four groups of users being
on site at the same time for verification. The total number of users can be 200 at most, with up to 5 valid users.

 First card unlock has higher priority than multi-card unlock, which means if the two rules are
both enabled, the system performs first card unlock first.
 You are recommended to add people with first card unlock permission to the multi-card Unlock
group.
 Do not set the VIP or Patrol type for people in the user group. For details, see "3.2.2 Adding
Staff."
 For details of permission assignment, see "3.3 Permission Configuration."
Step 1 Select Access Configuration > Advanced Config.
Step 2 Click the Multi Card Unlock tab.
Step 3 Add user group.
1) Click User Group.
Figure 5-2 User group manager

18
 2) Click Add.
Figure 5-3 User group configuration

3) Set up User Group Name. Select users from User List and click OK. You can select up
to 50 users.
4) Click at the upper-right corner of the User Group Manager interface.
Step 4 Configure parameter of multi card unlock.
1) Click Add.
Figure 5-4 Multi card unlock configuration (1)

2) Select the door.

3) Select the user group. You can select up to four groups.

19
 Figure 5-5 Multi card unlock configuration (2)

4) Fill in the Valid Count for each group to be on site and the Unlock Mode. Click or

to adjust the group sequence to unlock the door.

The valid count refers to the number of users in each group that must be on site to
swipe their cards. Take Figure 5-5 as an example. The door can be unlocked only if it
swiped by any person of group 1 and 2 persons of group 2.

Up to five valid users are allowed.

5) Click OK.
Step 5 (Optional) Click . The icon changing into indicates Multi Card Unlock is enabled.
The newly added Multi Card Unlock is enabled by default.

5.3 Anti-passback
The Anti-passback feature requires a person to enter/exit through defined entry/exit door group.
What is more, you cannot leave without matched entry record, nor can you enter without a complete
entry/exit record (for example, only entry record).
Step 1 Select Access Configuration > Advanced Config.
Step 2 Click Add.
Step 3 Configure parameters.
1) Select device and enter device name.
2) Select time template.
3) Set rest time and the unit is minute. For example, set the reset time as 30 minutes. If
one staff has swiped in but not swiped out, the anti-pass back alarm will be triggered
when this staff tends to swipe in again within the 30 minutes. The second swipe-in of
this staff is only valid after 30 minutes later.

20
 4) Click In Group and select the corresponding reader. And then click Out Group and
select the corresponding reader.
5) Click OK. And then the configuration will issue to device and take effect.
Figure 5-6 Anti-pass back configuration

Step 4 (Optional) Click . The icon changing into indicates Anti-passback is enabled.
The newly added Anti-passback is enabled by default.

5.4 Inter-door Lock

Inter-door lock allows only one access open in a door group at a time. When opening one access,
other accesses must be closed. Otherwise, you cannot unlock any access.

Inter-door lock does not apply to doors in different door groups.

One A&C central controller supports two groups of inter-door unlock, and each door group can add
up to 4 doors.
Step 1 Select Access Configuration > Advanced Config.
Step 2 Click the Inter-Lock tab.
Step 3 Click Add.
Step 4 Configure parameters and click OK.
1) Select device and enter device name.
2) Enter remark.
3) Click Add twice to add two door groups.

21
 4) Add doors of the access controller to the needed door group. Click one door group and
then click doors to add.
5) Click OK.
Figure 5-7 Inter-door lock configuration

Step 5 (Optional) Click . The icon changing into indicates Inter-door Lock is enabled.
The newly added Inter-door Lock is enabled by default.

22
 6 Access Controller Configuration
You can configure access door, such as reader direction, door status and unlock mode.
Step 1 Select Access Configuration > Access Config.
Step 2 Click the door needs to be configured.
Step 3 Configure parameters.
Figure 6-1 Configure access door

23
 Figure 6-2 Unlock by time period

Table 6-1 Parameters of access door

Parameter Description
Door Enter door name.

Reader Direction Click to set reader direction according to actual situations.

Set door status, including Normal, Always Open and Always Close.

Status It is not the actual door status because the SmartPSS-AC can only
send commands to the device. If you want to know the actual door
status, enable door sensor.
Keep Open Timezone Select time template when door is always opened.

Keep Close Timezone Select time template when door is always closed.
Enable alarm function and set alarm type, including intrusion,
Alarm overtime and duress. When alarm enabled, the SmartPSS-AC will
receive uploaded message when the alarm is triggered.
Enable door sensor so that you can know the actual door status. You
Door Sensor
are recommended to enable the function.
Enable and set the administrator password. You can access by
Administrator Password
entering the password.

Enable the function and set the time template, and then the access
Remote Verification of personnel have to be verified remotely through the SmartPSS-AC
during the template periods.

Set the unlock holding interval. The door will auto close when time is
Unlock Hold Interval
over.
Set the timeout for alarm. For example, set close timeout as 60
Close Timeout seconds. If the door is not closed for more than 60 seconds, the
alarm message will be uploaded.

24
 Parameter Description

Select unlock mode as needed.

 Select And and select unlock methods. You need to satisfy all
the configured methods at the same time to open the door.
Unlock Mode  Select Or and select unlock methods. You can open the door in
any way you configured..
 Select Unlock by time period and select unlock mode for each
time period. The door can only be opened when you satisfy the
unlock methods during the period.

After swiping card once, more than one person can pass the
turnstile. There are two modes: Off (default) and On.
 If several people are permitted to pass the turnstile, and one of
them did not start to pass the turnstile in 5 seconds, or the one
did not pass the turnstile within specified duration and stayed
overtime between the turnstiles, the swing barriers will be
locked. At this time, you need to swipe cards several times to
allow several people pass the turnstile continuously.
 In the memory mode, if card swiping interval exceeds single
Memory Mode
person passing duration, the memory function will not be
triggered.
 The interval between two identity verifications must be longer
than the unlock duration of the access controller or the face
recognitions access controller; otherwise, only one identity
verification will be counted. The recommended identity
verification interval is 2 s to 5 s.
 In the memory mode, at most 255 people can pass the turnstile
continuously.
After people entered the turnstile and triggered alarms, they do not
need to step backwards and can get identities verified directly.
Second Unlock
Memory mode and second unlock functions are only available for
turnstiles.
Step 4 Click Save and then the configuration will issue to device and take effect.

25
 7 Viewing Historical Event
Historical door events include those happened on the SmartPSS-AC and door devices. Before viewing,
extract historical events on the door devices to ensure that all events are searched.
Step 1 Add the needed personnel to the SmartPSS-AC.
Step 2 Click Access Configuration > History Event on the homepage.
Step 3 Click on the Access Manager interface.
Step 4 Extract events from door device to the local. Click Extract, set the time, select the door
device, and then click Extract Now.

You can select multiple devices at one time to extract events.

Figure 7-1 Extract events

Step 5 Set filtering conditions, and then click Search.

26
 Figure 7-2 Search for events by filtering conditions

Step 6 (Optional) Click Export, and then operate according to instructions to save the searched
door events to the local.

27
 8 Access Management

8.1 Remotely Opening and Closing Door

After access configuration, you can remotely control door through SmartPSS-AC.

Step 1 Click Access Manager on the homepage. (Or click Access Guide > ).

Step 2 Remotely control the door. There are two methods.

 Method 1: Select the door, right click and select Open.
Figure 8-1 Remotely control (method 1)

 Method 2: Click or to open or close the door.

Figure 8-2 Remotely control (method 2)

Step 3 View door status by Event Info list. For details, see "7 Viewing Historical Event."

 Event filtering: Select the event type in the Event Info, and the event list displays
events of the selected types. For example, select Alarm, and the event list only
displays alarm events.

 Event refresh locking: Click to the right of Event Info to lock or unlock the event

list, and then the real-time events cannot be viewed.

 Event deleting: Click to the right of Event Info to clear all events in the event list.

28
8.2 Setting Always Open and Always Close
After setting always open or always close, the door is open or closed all the time and cannot be
controlled manually. If you want to manually control the door again, click Normal to reset the door
status.

Step 1 Click Access Manager on the homepage. (Or click Access Guide > ).

Step 2 Select the needed door, and then click Always Open or Always Close.
Figure 8-3 Set always open or always close

8.3 Resetting Door Status

Click Normal to reset the door status, if you want to manually control the door again when you have
clicked Always Open or Always Close.

Step 1 Click Access Manager on the homepage. (Or click Access Guide > ).

Step 2 Select the needed door, and then click Normal. And then follow the on-screen instructions
to operate.
Figure 8-4 Reset door status

29
Appendix 1 Cybersecurity Recommendations

Cybersecurity is more than just a buzzword: it’s something that pertains to every device that is
connected to the internet. IP video surveillance is not immune to cyber risks, but taking basic steps
toward protecting and strengthening networks and networked appliances will make them less
susceptible to attacks. Below are some tips and recommendations on how to create a more secured
security system.
Mandatory actions to be taken for basic device network security:
1. Use Strong Passwords
Please refer to the following suggestions to set passwords:
 The length should not be less than 8 characters;
 Include at least two types of characters; character types include upper and lower case
letters, numbers and symbols;
 Do not contain the account name or the account name in reverse order;
 Do not use continuous characters, such as 123, abc, etc.;
 Do not use overlapped characters, such as 111, aaa, etc.;
2. Update Firmware and Client Software in Time
 According to the standard procedure in Tech-industry, we recommend to keep your device
(such as NVR, DVR, IP camera, etc.) firmware up-to-date to ensure the system is equipped
with the latest security patches and fixes. When the device is connected to the public
network, it is recommended to enable the “auto-check for updates” function to obtain
timely information of firmware updates released by the manufacturer.
 We suggest that you download and use the latest version of client software.
"Nice to have" recommendations to improve your device network security:
1. Physical Protection
We suggest that you perform physical protection to device, especially storage devices. For
example, place the device in a special computer room and cabinet, and implement well-done
access control permission and key management to prevent unauthorized personnel from
carrying out physical contacts such as damaging hardware, unauthorized connection of
removable device (such as USB flash disk, serial port), etc.
2. Change Passwords Regularly
We suggest that you change passwords regularly to reduce the risk of being guessed or
cracked.
3. Set and Update Passwords Reset Information Timely
The device supports password reset function. Please set up related information for password
reset in time, including the end user’s mailbox and password protection questions. If the
information changes, please modify it in time. When setting password protection questions, it is
suggested not to use those that can be easily guessed.
4. Enable Account Lock
The account lock feature is enabled by default, and we recommend you to keep it on to
guarantee the account security. If an attacker attempts to log in with the wrong password
several times, the corresponding account and the source IP address will be locked.
5. Change Default HTTP and Other Service Ports
We suggest you to change default HTTP and other service ports into any set of numbers
between 1024~65535, reducing the risk of outsiders being able to guess which ports you are
using.

30
6. Enable HTTPS
We suggest you to enable HTTPS, so that you visit Web service through a secure
communication channel.
7. MAC Address Binding
We recommend you to bind the IP and MAC address of the gateway to the device, thus
reducing the risk of ARP spoofing.
8. Assign Accounts and Privileges Reasonably
According to business and management requirements, reasonably add users and assign a
minimum set of permissions to them.
9. Disable Unnecessary Services and Choose Secure Modes
If not needed, it is recommended to turn off some services such as SNMP, SMTP, UPnP, etc., to
reduce risks.
If necessary, it is highly recommended that you use safe modes, including but not limited to the
following services:
 SNMP: Choose SNMP v3, and set up strong encryption passwords and authentication
passwords.
 SMTP: Choose TLS to access mailbox server.
 FTP: Choose SFTP, and set up strong passwords.
 AP hotspot: Choose WPA2-PSK encryption mode, and set up strong passwords.
10. Audio and Video Encrypted Transmission
If your audio and video data contents are very important or sensitive, we recommend that you
use encrypted transmission function, to reduce the risk of audio and video data being stolen
during transmission.
Reminder: encrypted transmission will cause some loss in transmission efficiency.
11. Secure Auditing
 Check online users: we suggest that you check online users regularly to see if the device is
logged in without authorization.
 Check device log: By viewing the logs, you can know the IP addresses that were used to log
in to your devices and their key operations.
12. Network Log
Due to the limited storage capacity of the device, the stored log is limited. If you need to save
the log for a long time, it is recommended that you enable the network log function to ensure
that the critical logs are synchronized to the network log server for tracing.
13. Construct a Safe Network Environment
In order to better ensure the safety of device and reduce potential cyber risks, we recommend:
 Disable the port mapping function of the router to avoid direct access to the intranet
devices from external network.
 The network should be partitioned and isolated according to the actual network needs. If
there are no communication requirements between two sub networks, it is suggested to
use VLAN, network GAP and other technologies to partition the network, so as to achieve
the network isolation effect.
 Establish the 802.1x access authentication system to reduce the risk of unauthorized access
to private networks.
 Enable IP/MAC address filtering function to limit the range of hosts allowed to access the
device.

31