Recommendations

Vizrt's Ecosystem allows flexible integration with external services and communication with third party applications. Viz Engine offers an open API to allow any control application to integrate with. For security reasons, these installations need to be secured and one might need to disable certain services or block network communications to Viz Engine.

In addition, there are more recommendations to prevent someone in the network to misuse Viz Engine.

After installation of the software, please proceed with the following advisories:

• Change the default User password. See Prerequisites.

• Do not run Viz Engine with Administrator rights.

• Disable Remote Access for WIBU Codemeter Webadmin and use SSL (Configuration > Basic > Webadmin).

• Remove any unneeded services.

  • If FSmon and ArdFTP are not needed, do not install them.

  • Enable Viz Engine REST interface only if needed.

• The recommended NVIDIA driver should be used; however, new vulnerabilities can have been made public after the release of this software and it might be necessary to upgrade the NVIDIA driver (see https://www.nvidia.com/en-us/security/ for details).

• Do not expose any shares on the network.

• The amount of simultaneous network connections can be limited by setting max_tcp_connections in the Viz Configuration file.

• Viz Engine allows to block certain commands (setting blacklisted_commands in the Viz Configuration file).

  • For example, to prevent execution of Action Task keyframes, modification of Configuration File options and the replacement and execution of script parts, the following blocks the required commands.

    blacklisted_commands = CONFIGURATION RESET;PLUGIN COMPILE;SOURCE_CODE SET;MODE SET TASK

See Also

• Ports and Connections