DeviceMaster Installation and Configuration Guide: 2000594 Rev. F DeviceMaster Security - 73
Security Comparison
Security Comparison
This table displays addition information about security feature comparisons.
† Enable Monitoring Secure Data via Telnet must be enabled. SSH does not support port monitoring. You
can set the securemon enable option.
admin commands are disabled except for read-only ID command required by NS-Link to identify the
device.
The intention is to allow NS-Link to operate through an SSL connection to Port 4606 while is in Secure Data
Mode, and to allow NS-Link to operate through a MAC connection with Secure Config Mode enabled and Secure
Data Mode disabled.
SSH Server
The DeviceMaster SSH server has the following characteristics:
• Requires password authentication – even if the password is empty.
• Enabled/disabled along with telnet access independently of Secure Data and Secure Config Modes.
• The DeviceMaster uses third-party MatrixSSH library from PeerSec Networks: http://www.peersec.com/.
Weakest Strongest
01 2 3 3 4
Supported by None Password Authentication Secure Config Secure Data Key & Certificate
RedBoot yes yes yes no yes no
SocketServer yes yes yes yes yes yes
NS-Link Driver/MAC yes yes yes no no no
NS-Link Driver/IP yes yes yes yes
Serial Monitoring yes yes yes no yes † no
TCP to Serial Ports yes yes yes no no no
SSH to Serial Ports no no no yes yes yes
UDP to Serial Ports yes yes yes disabled disabled disabled
Telnet/Port23 yes yes yes disabled yes † disabled
SSH Telnet/Port 22 yes yes yes yes yes yes
Telnet Port 4607 yes yes yes disabled yes yes
SSH (PuTTY) 4607 no no no yes disabled disabled
HTTP (Port 80) yes yes yes disabled disabled disabled
HTTPS (Port 443) no no no yes yes yes
Email yes yes yes disabled disabled disabled
SNMP yes yes yes disabled disabled disabled
RFC1006 yes yes yes disabled disabled disabled
To Next Page
Loading...
