Security update for AMX's NX Platform

AUTHOR: Inavate

AMX has announced a security upgrade to its NX Platform, including NetLinx NX Integrated controllers, Enova DGX Digital Media Switchers, Enova DVX All-in-One Presentation Switchers and Massio ControlPads.

This adds features including central management of users, permissions, passwords, levels of system access, audit logs and reporting.
New NX platform permission groups can be customised according to organisation security policies. These permission groups can contain multiple levels of access, including user level access from the touch panel, management web pages and control system services based on user permissions. Expanded permissions can be hosted locally on the central (or integrated) controller, or can be centrally managed through Lightweight Directory Access Protocol (LDAP) to existing directory services including Microsoft Active Directory.

Customers can also use this new feature to manage access to the control system in the room, with users entering their network credentials to access certain features of the control system. Customer defined user access to AV assets to be secured at the room user level can be implemented by accessing the existing directory services already in place in an organisation using administratively defined roles to match user permissions to use requirements.
In addition, AMX expanded the NX event types captured in logs to meet IT industry standards, such as ISO 27000. Any data or events that occur with the control system can be taken from the NetLinx program and added to a log. AMX also added support for Syslog, a widely used standard for message logging, which consolidates all IT logs in a central repository. Records are stored and retrieved locally or by a centrally managed Syslog server. In addition, NX will log all administrative actions, including attempts to access secure masters, logon attempts, user permission modifications, firmware/software updates, reboots and startups.
Secure communication channels have been added such that the NX platform now communicate with hosted services over secure sockets on public or private infrastructure providing secure machine-to-machine communication using HTTPS and secure telnet. Now you can exchange data securely between NX controllers and servers like hosted services or SQL databases. Also NX processors that communicate with a device using NetLinx control code now use secure encrypted protocols like Secure Hypertext Transfer Protocol (HTTPS) and Secure Shell (SSH).