Tosibox Central Lock Instruction Manual
EASY QUICK SECURE
v1.4 English
The benets of Tosibox
Take in use only in 5 minutes
High sophisticated information
security
Flexible and scaling architecture
Operates trustworthy in all internet
interfaces
1. Introduction 2. Setup
The purpose of this document is to illustrate the
deployment of Tosibox Central Lock and its most
important properties. The creation and administration
of Keys for Central Lock and the user interface are also
presented here.
Please note that this document concentrates only on the
properties of Central Lock. The basics of Key and Lock
products are explained in the Key and Lock user manual.
1.1 Central Lock in brief
The Central Lock operates on the same basic properties as
the Lock, but has better throughput and encryption capacity.
This allows the building of large-scale systems that provide
simultaneous access to as many as 4000 Locks and Keys and
the devices behind them.
The Central Lock also has three additional features not found
in the Lock, but are usually needed in more complex network
systems. These are:
Concurrent usage of sites with overlapping IP addresses
»
Collecting audit log data »
Monitoring and alert services to detect and notify the user »
about connection problems
Basic requirements
The deployment of Central Lock has a few basic requirements
to operate. It needs:
A wired network1.
One non-rewalled public IP-address2.
An Internet connection with speed of at least 10/10 Mbit/s.3.
Physical installation
After the basic requirements of deployment are met, you can
start the physical installation of the Central Lock. Please check
that the following items are included in the sales package:
Ethernet cable – RJ45, 1 m1.
Power cord2.
Extension power cord3.
The steps of physical installation:
Proper mechanical mounting of device1.
Plugging in the power cord2.
Connecting the network cable to the WAN port of the 3.
Central Lock
Serialization
Powering on the Central Lock starts the deployment. After 2
minutes, the Key can be inserted to the Central Lock’s USB port.
Once the LED light in the Key stops blinking, the serialization is
completed and the Key can be removed from the Central Lock.
Conguration
Conguring the Central Lock is done from the Web user
interface (see chapter Web User Interface). The Internet
connections for the Central Lock are congured in the WAN
settings of the Network tab. The protocol can be set to a
xed IP-address or a DHCP-client, in which case the address is
fetched from a DHCP server. By assigning the protocol to the
static address, the IP-address and subnet mask are written to
the elds below. When a static address is used, it is important
to set the address of the domain name server.
Deployment
After the serialization and conguration are done, the
deployment of Central Lock is completed and Locks, Keys and
network devices can be added to the system.
3. System Description
3.4 Connecting Central Lock to LAN
The Central Lock can be connected to an existing LAN network
in two ways. It can be used as a router or it can be connected
alongside an existing router. ** If the Central Lock is used as a
router, a DHCP server must be assigned to the specic LAN. In
this situation the remote sites can be accessed from the LAN
network of the Central Client. In the other situation, when the
Central Lock is not acting as a router, the DHCP server is usually
disabled. In this case, accessing remote sites requires opening
a Key connection to the Central Lock or static routes must be
congured to the user’s computer.
3.5 Administration of Keys
It is possible to create a backup from a Key serialized to the
Central Lock (see Lock and Key manual). Serializing new Sub
keys also works in the same way as other Tosibox products. The
Backup and Sub Keys of the Central Lock can be administrated
from the Key user interface through the Manage Keys menu.
The Master Key has full privileges and it can be used to
serialized additional Keys to Locks for deployment. An empty
Key that is rst serialized with a Lock becomes the Master Key
for that Lock, and additional Master Keys can be created with
the Key backup function.
A sub Key has restricted rights and it cannot be used to serialize
additional Keys nor take new Locks into use. Key grouping can
be used to help manage a large number of Keys. The groups
are visible only in the Key user interface. A single Key can
belong to only one group and it is currently not possible to
create nested groups. **’/
3.1 Overview
The Central Lock makes it possible to build a system consisting
of large number of Tosibox Locks and Keys.
3.2 Additional features
Features specic to the Central Lock can be found here.
Translation of networks with identical addresses. Using 1.
this feature it is possible to translate real IP addresses of
the Lock and its LAN devices to different, congurable IP
addresses. This feature enables using the same IP address
range for several Locks so that the Locks and their devices
can be used simultaneously with the Central Lock or a Key.
Audit log data collection and connection monitoring. The 2.
Central Lock collects log data about the events of serialized
Locks. This feature logs the events of the Central Lock
itself and also the events of any serialized Locks and sub
Locks. Log collection and monitoring can be enabled from
the Settings -> Industry settings view of both the Central
Lock and the Locks that are expected to report events.
Only Locks from which log data is desired should have the
logging enabled.
Connection monitoring and alerts. The Central Lock can be 3.
set to send email alerts for connections being established
and closed. The alerts can be set for any or all serialized
Locks. Activating alerts does not require any additional
services and can be done from the Settings -> Alerts view.
In other respects the functionality and usage of the Central
Lock is identical with other Lock devices in the Tosibox product
family. Please see Lock documentation for more detail.
3.3 System
Central Lock allows using up to 4000 serialized Locks and
Keys simultaneously. First the Key is serialized with all Locks
to be connected. The serialization process is presented in the
Key and Lock User Manual. Serializing a Key to the Central
Lock is carried out in the same way, but during the process
the connection type is dened as L2 or L3. In the case of a L2
connection, a Lock to Sub Lock relationship is created, which
means that both Locks are in the same network. Selecting L3
creates a routed connection where the Lock and the Central
Lock have their own IP sub networks. If the L3 connection
is chosen, the Key connection type must also be L3. Every
serialized Key uses a bridged (L2) or routed (L3) connection.
The bridged Key connection allows access to a specic LAN
network only. The routed L3 Key connection allows the selection
of multiple LAN networks that are bound and routed.
The desired connection type is selected in the Web user
interface by clicking the Edit Tosibox Devices button. The
default connection type for Keys serialized to a Central Lock is
L3. More Keys to the Central Lock can be serialized in the same
way as they are to a Lock.
Loading...