System start-up and operating modes
After proper installation according to the installation manual, TightGate-Pro can be started. TightGate-Pro follows a defined start-up procedure after power-up. This is designed so that TightGate-Pro is automatically in the correct and maximum safe RSBAC operating mode without operator intervention. In this mode, all control and safety systems of TightGate-Pro are activated by default.
Start menu
If TightGate-Pro should exceptionally be started in another operating mode, deviating from the RSBAC mode, this can be determined during the start-up phase. After switching on, the start menu of TightGate-Pro appears for approx. 7 seconds. The following options are available:
| Start phase (start-up procedure) | |
|---|---|
| Start menu item | Description |
| RABAC | Regular operating mode of TightGate-Pro. This operating mode is automatically selected if no other of the displayed options is selected during the start-up menu display time (approx. 7 seconds). In RSBAC mode, all safety and control systems of TightGate-Pro are activated. TightGate-Pro should be regularly operated exclusively in this operating mode. Before switching to other operating modes, consultation with the technical support service of m-privacy GmbH is strongly advised. Attention: In the case of TightGate-Pro (CC) version 1.4, only this operating mode meets the requirements according to CC. |
| RSBAC debug | Operating mode for system analysis under special operating conditions. Only to be used in agreement with the technical customer service of m-privacy GmbH . Note: This operating mode is not necessary for regular system operation. The protection and safety level corresponds to that of the "RSBAC" mode, but numerous diagnostic messages are output. |
| Soft mode | Operating mode with deactivation of all safety and control systems of TightGate-Pro. Only to be used in consultation with the technical customer service of m-privacy GmbH . Warning: This operating mode is not suitable for regular system operation. It is essential to ensure that no users are connected to the system while soft mode is activated! System security may be compromised if this operating mode is used for any purpose other than that discussed in consultation with m-privacy GmbH technical support. Note: With TightGate-Pro (CC) version 1.4 server, logging in in the administration roles root and security is only possible in soft mode. The VNC server is deactivated at the same time, and clients cannot log on via the TightGate viewer in soft mode. |
| Recover | Operating mode for system recovery or reinstallation. Only to be used in consultation with the technical customer service of m-privacy GmbH . Warning: This operating mode is not suitable for regular system operation. System security may be compromised if this mode of operation is used for any purpose other than that discussed in consultation with m-privacy GmbH technical support. |
| Memory test | Automated test procedure for checking the installed working memory. Only to be used in consultation with the technical customer service of the m-privacy GmbH . Note: In this operating mode, there is no system operation from TightGate-Pro. A reboot is required to resume system operation in RSBAC mode. During the start-up procedure, another operating mode can be selected or the memory test can be repeated. |
| FALLBACK | Start TightGate-Pro in safe RSBAC mode using the last core version. This mode should only be used if after an update of the core version TightGate-Pro cannot start with the new core version. Only to be used in consultation with the technical customer service of m-privacy GmbH . Note: In this operating mode, TightGate-Pro can be operated normally. However, it should be clarified immediately why the core error occurred. |
Warning
As soon as an operating mode other than RSBAC or FALLBACK has been selected, the system security, the security of the internal network as well as that of the workstation computers (client computers) will be considerably impaired!
| Properties of the operating modes | ||||||
|---|---|---|---|---|---|---|
| RSBAC | RSBAC-Debug | Recover | Softmode | Memory test | FALLBACK | |
| User login possible | yes | yes | no | no | no | yes |
| Administration access enabled | yes | yes | no | yes | no | yes |
| Network connections active | yes | yes | no | yes | no | yes |
| RSBAC security system active | yes | yes | no | no | no | yes |
At the end of the start-up phase, the console prompt appears. From this moment on, administrators can log in and the system can process connection requests from client computers (workstations).
Status page
TightGate-Pro has an internal status page that can be called up via the browser of a logged-in VNC user. It provides basic information about the running system and the most important system services without the need to call up the administration menus. The system statuses are signalled by value displays and an eye-catching red/green marking.
The status page can be called up in the browser using http://localhost to call up the status page.
If no password has been set, the status page is displayed immediately. However, it can be protected with a password; this is done after logging in as administrator config under the menu item config > Basic settings > Status: Password. As soon as a password has been set, a login dialogue appears when the status page is called up. After entering the user ID "status" and the set password, the status page is displayed. The display is automatically loaded in the browser every 120 seconds, but the system statistics displayed are only updated every hour.
Caution
If no password is assigned, the status page can be viewed by every logged-in VNC user via the browser!
The status page also informs about the correct function of the server-side virus scanner, if one is installed. In this case, the update time of the malicious code definition files (virus signatures) is also displayed. If the signatures are older than three days, the status display changes to red. In this case, there could be a configuration error or the update server in question is not accessible.
Note
No changes can be made to the displayed parameters on the status page. The values only serve to provide information regarding basic operating states. The administration menus and the different administration roles serve to administer the system. For detailed monitoring of the system operation, monitoring via Nagios is recommended, especially since numerous system-specific sensors and checkpoints are available for TightGate-Pro in addition to the regular functions of Nagios system monitoring.
New installation and recovery
Information on reinstalling the system or restoring it in the event of an accident can be found in the installation manual. Please also refer to the additional information in the chapter Data Backup.
Resetting to a safe state (OE.Reset)
Instructions for resetting TightGate-Pro to a defined initial state known to be safe using an installation medium supplied can be found in the installation manual. Please also refer to the additional information in the chapter Data Backup.