DroboShare security?

Okay, so I’m wanting to use a pair of Drobos with DroboShares on two servers as their primary data storage, with one server backing up the other for redundancy. It seems that I can’t secure the Drobo adequately though. While I can go in and set up a single username and password to secure the SMB/CIFS connectivity, any machine that is connected to the same broadcast segment of the network can load up the Drobo Dashboard and go cause havok by resetting passwords, putting things into standby, changing IP addresses, or formatting drives.

Why is this even possible by default!?

Even on my home system I wouldn’t want guests to be able to have such access, let alone in any professional setting. This seems like a pretty basic security concept here. Most network connected devices at least come with a default login password set just to get users thinking about securing the management of say something like your wireless router.

Is there a way to secure the Dashboard access to the DroboShare? Did I just overlook it in the standard documentation? If it is possible but not in the docs, then shouldn’t it be put in there in a very obvious manner?

The fact that there are no replies to this security issue nearly 9 years later shows what we’re working with here.

Guests on my network can access EVERYTHING on our drobo…what’s the point of having users with passwords, if you can just click ‘login as guest’ and still gain access to everything in the ‘share’ folder?