DeviceMaster LT User Guide: 2000586 Rev. B
DeviceMaster LT Security - 51
DeviceMaster LT Security Features
DeviceMaster LT Security Features
The following subsections provide information about DeviceMaster LT security
features.
Security Modes The DeviceMaster LT supports two security modes.
Security
Mo
de
Description
Secure Data
SSL encryption for serial port dat
a streams for both NS-Link and
SocketServer. Secure Data mode:
• Requires SSL encryption of TCP connections to
SocketServer
(Ports 8000, 8001, 8002, and so forth).
• Disables UDP access to SocketServer.
• Disables RFC1006 (ISO-over-TCP) access
to SocketServer.
• Disables MAC-mode access to serial
ports. MAC mode admin
an
d ID commands are still allowed.
• Requires SSL encryption of NS-Link TCP connections (P
ort
4
606). Not directly supported by NS-Link drivers for Window
s
a
nd Linux. The Linux driver has been tested using stunnel
,
but manual setup is required.
• Requires SSH instead of telnet connection to the di
agnostic
l
og (TCP Port 4607).
• Two values for http READ and WRITE
commands: A2:
Enable.
Secure Config
Encrypts/aut
henticates configuration and administration
operations (web server, IP settings, load SW, and so forth.). Secure
Config mode:
• Disables MAC mode admin commands except for ID request†.
• Disables TCP/IP admin commands except for ID
request†.
• Disables telnet console access (Port 23)†.
• Disables unencrypted http:// access via Port 80.
• Disables e-mail notification and SNMP features.
• Two values for http READ and WRITE
commands: A3:
Enable.
† Affects
both RedBoot and SocketServer/NS-Link applications.
To Next Page
Loading...
