The Metasys system offers secure user access by authenticating the user name and password of any user who attempts to connect to the system. OAS also supports authentication using the Microsoft Active Directory® directory service. Refer to the Security Administrator System Technical Bulletin (LIT-1201528) for details.
When a valid user account is identified, the connection is authorized and system access is granted based on the access privileges defined by the Metasys security administrator system for the user account.
System categories assign access privileges and action sets to individual users or to a group of users with the same role. System categories define the type of building equipment and points accessible when operating the system. Action sets define the authorized operation level. Users may be authorized to only view items or may be enabled to also acknowledge alarms and issue commands. At the highest level, users are authorized to modify system configuration parameters.
In addition to system access privileges assigned to users, you can also assign access to spaces and equipment serving spaces with the Space Authorization feature in the Metasys UI.
The Audit Trail on the OAS records user activities such as alarm acknowledgment, logins, failed logins, sending commands, and point modification.
In addition to user authentication, standard IT security technologies (including firewall programs and encoding protocols) protect the building automation system and network from unauthorized access.
Hypertext Transfer Protocol Secure (HTTPS) with TLS 1.2 is now implemented between Metasys components, including the OAS, Metasys UI, System Configuration Tool (SCT), and network engines. This enhancement ensures the highest level of security to protect your building automation system from unauthorized users and computer hackers.
Self-signed certificates are installed by default on the OAS. As an option, the customer can apply or purchase trusted certificates on the OAS. One of three security shield icons is displayed in the Site Management Portal (SMP) to indicate the current level of a connection: trusted, self-signed, or untrusted.
Lastly, you can configure the use of an external Syslog server to capture messages from the Metasys system. Network engines can be configured to send audit log entries and event notifications to an external, customer-provided industry-standard Syslog server destination.