Procedure Steps
Encryption on a Series 2 panel is controlled by a setting within the web interface. When a host system attempts to communicate with an encryption-enabled controller, a proper master key is required. Without having AES encryption enabled through System Administration, the panel will appear to be offline. Enabling AES encryption on the controllers is a two step process - configuring it in System Administration and enabling encryption in the web interface of the Series 2 panel.
Prerequisite: Before making any modifications for encryption, it is recommended you verify that the panel will come online with a plain connection.
Part 1: Enable controller encryption in System Administration
1) From the Administration menu, select System Options > Controller Encryption tab.
2) Alternatively, if you have a segmented system:
- From the Administration menu, select Segments.
- On the Segments form, select the Enable segmentation check box.
3) In the Connection type drop-down select either "Automatic key management encryption" or "Manual key management encryption."
4) Click [OK]. Applying this setting may require a restart of System Administration. This change will add an Encryption tab to the Access Panel settings.
5) Select the Encryption tab for the panel.
6) Click [Modify] and select the Use an encrypted connection and Allow next connection to be downgraded check boxes.
Note: This is essential when initially setting up encryption.
7) Click [OK]. The following message is displayed:
"Encryption is being enabled for controller 'Test2220.' OnGuard must use a plain connection to initially load the active master key into the controller prior to establishing an encrypted connection. The controller will allow the next connection to be downgraded."
8) Click [OK] in this dialog box. The following prompt is then displayed beneath the encryption check boxes:
"A master key update is pending."
Part 2: Enable encryption in the ISC (Intelligent System Controller)
1) Log into the web page for the panel.
2) From the tabs at the left, click the Host Port link.
3) In the Data Security drop-down, select "Password/AES."
4) Click [OK] to apply the settings, and then restart the panel.
The panel should now come online in Alarm Monitoring with encryption enabled.
Applies To
OnGuard(All versions)