TOP Server is Secure Out-of-the-Box to Prevent Unauthorized Access

Security is a primary focus in TOP Server

The TOP Server's built-in User Manager and other security features will help you prevent unauthorized changes to your configuration and other cyber threats.  Starting with TOP Server V6.5, users are prompted to enable User Manager as part of the installation by choosing an Administrator account password.

The TOP Server Secure Deployment Considerations Guide is a good resource for ensuring your TOP Server is following best practices for maximum security.  The TOP Server Out-of-the-Box Security Features technical blog also provides a deep dive. 

Secure access to the TOP Server Configuration is fully-configurable

Access to the TOP Server configuration can be restricted through the integrated User Manager. This tool allows the administrator to define user groups and users with restricted access to certain project configuration tasks and provides the ability to disconnect client applications. This ensures that no unauthorized access can occur right from the initial installation, preventing the following undesired actions:

  • Stopping the TOP Server Runtime Service
  • Accessing and making changes to the TOP Server configuration
  • Accessing Administration Settings for the TOP Server application
  • Viewing/changing the OPC UA configuration
  • Running and making changes with the License Utility

TOP Server also offers the ability to encrypt .opf project files—which often contain proprietary information on an organization's network and processes—when they are being transferred to other users or other instances of TOP Server.

And the TOP Server Configuration API is disabled by default and, when enabled, defaults to HTTPS encryption to protect your TOP Server configuration from unauthorized third-party access.

The TOP Server Out-of-the-Box Security Features technical blog also provides a deep dive on these features. 

TOP Server Secure Deployment Guide

This guide provides best practices that existing and new users should consider if their business needs require deploying TOP Server with maximum security.

The guide covers in detail security considerations regarding:

  • Network Environment and System Configuration
  • Host Operating System
  • Installation
  • Post-Installation (including details on specifying Application Data folder permissions)
  • Secure Interfaces
  • Configuration API
  • Ongoing Maintenance

Get the Guide

Secure access to the TOP Server Runtime is fully-configurable

TOP Server also offers various features and functionality to control user access to the server, data source, or data values.

  • The Security Policies plug-in limits access based on OPC UA user credentials while supporting default handling for anonymous users (both OPC UA and other non-OPC UA client interfaces).
    • The ability to dynamically address information can be disabled, limiting user access to tags defined within the project.
    • For full details on using the Security Policies plug-in, please refer to the help file.
  • TOP Server supports a number of secure client standards including SNMP (v3 security), OPC UA, and OPC DA (DCOM security) to further restrict access to the server, as well as a number of secure device protocols to meet the requirements of DNP3, SNMP, and OPC UA data sources.
  • Secure data tunnels can be configured by leveraging multiple TOP Server instances at remote endpoints to pass data through firewalls and meet authentication and encryption requirements across the Internet.

TOP Server tracks user changes for security auditing

The TOP Server Event Log is a comprehensive tool that is not just for troubleshooting connectivity and communications issues.  The Event Log also maintains Security and Error entries related to a number of user-related activities in TOP Server including but not limited to user log-ins, changes to user accounts, changes to the TOP Server configuration and many others.

This provides an audit trail for determining who, when and what happened with respect to changes in your TOP Server configuration and settings.

Important Notes:

  • For full details of TOP Server Security Settings, you can access the application note here.
  • It is highly recommended to configure the Administrator account password during the TOP Server installation - selecting to skip this step lowers the security level of your TOP Server by allowing access without requiring user authentication.
    • When specifying the password for the Administrator account, it is extremely important to make note of that password to ensure your ability to access TOP Server after installation.

Get Started Now

The demo is the full product once licensed. Once a client application connects to the  TOP Server, the TOP Server runtime will operate for 2 hours at a time. At the end of the 2 hour demo period, the demo timer must be reset by restarting the TOP Server runtime service.

Connect with Us

1-888-665-3678 (US + Canada toll free)
+1-704-849-2773 (Global)