Security, Access levels, Username setup – Basler Electric BE1-11m User Manual

Page 279

background image

9424200996 Rev L



Multiple levels of BE1-11m security give personnel the level of access appropriate for the tasks they
routinely perform while securing critical settings from unauthorized access.

Access Levels

Passwords provide access security for six distinct functional access areas: Read, Control, Operator,
Settings, Design, and Administrator (Admin). Each functional area can be assigned a unique password or
one password can be assigned to multiple areas. Functional areas are not independent of one another.
For example, an Admin password is used to access levels 6, 5, 4, 3, 2, and 1; a Design password is used
to access levels 5, 4, 3, 2, and 1. Table 88 lists the access levels and descriptions.

Table 88. Access Levels and Descriptions

Access Level


6 - Admin (highest)

Create, edit, and delete users and device security.

5 - Design

Create or change programmable logic.

4 - Settings

Change all settings values. Logic equations cannot be created or changed.

3 - Operator

Set date and time, reset accumulated metering values, and erase event data.

2 - Control

Operate real-time controls.

1 - Read

Read all system parameters. No changes or operation allowed.

0 - None

All access denied.

Additional security is provided by controlling the functional areas that can be accessed through a
particular communication port. For example, security can be configured so that front panel access is
permitted at a lower access level than BESTCOMSPlus

® or Modbus access.

The communication ports and password parameters act as a two-dimensional control to limit changes.
The entered password must be correct and the command must be entered through a valid port. Only one
port at a time can be in use with higher than Read access. For example, if a user gains Settings access at
the front-panel USB port, users at other areas (rear Ethernet and front panel) will be able to gain Read
access only after the user with Settings access at the front-panel USB port disconnects from the device.
Read access is always allowed for all simultaneous users with access level 1 or higher.

If a port holding higher than Read access sees no activity for the duration of the Access Timeout setting,
access privileges will automatically be lowered to Read access. This feature ensures that password
protection cannot be accidentally left in a state where access privileges are enabled for one area and
other areas locked out for an indefinite period.

Username Setup


Use the Settings Explorer in BESTCOMSPlus to select Username Setup under General Settings,
Device Security Setup. The Login dialog box appears. See Figure 225. An administrator access level
is required to set up usernames and passwords.

Figure 225. Login Screen

