Need a Serial Switch with IP Address Filtering?

Typically, a serial switch is used to provide remote access to command functions on network equipment such as servers, routers and firewalls. Remote access is an important capability for any network administrator, in that it allows problems at far-away installation sites to be addressed and solved without physically traveling to the site. Many modern network applications would be economically unfeasible without a serial switch and the ability to access command functions on remote devices that a serial switch provides.

Yet even so, as important as a serial switch is, it would be practically useless without proper security measures in place to protect sensitive command functions from unauthorized users.

There are many common strategies for securing remote access to command functions. The most basic strategy is the familiar username/password prompt, which does a pretty decent job of keeping out lower level intruders, but is essentially worthless in discouraging more determined hackers, who may be armed with random code generators or inside information. Security and Authentication programs such as TACACS, LDAP and RADIUS do a fine job of keeping out even experienced hackers, but sometimes, that’s not enough; what if you only need to allow one or two devices to access command mode, while excluding all others?

In addition to robust security features such as a multilevel User Directory, TACACS, LDAP, Kerberos and RADIUS, WTI RSM and TSM series serial switch products also include an IP Address filter, which allows you to block access to an IP Address or range of Addresses, or allow access by only specific user-defined IP addresses. This can be very convenient for applications where only one or two specific IP Addresses will be allowed to access command functions.

IP Address Filtering can also be extremely handy for certain script-driven applications, where a device logs in to the serial switch, without human intervention, in order to retrieve data or run scripts. In cases such as this, IP Address Filtering essentially blocks all users from accessing command mode (except for the device at the IP Addresses that have been specifically permitted by the IP Address Filter) and eliminates the need to write complex scripts to deal with password prompts and other interactive security measures. IP Address filtering ensures that the only users who will be allowed to access command functions, are the users at the IP Addresses that you have defined.

Naturally, the IP Address Filter can also work in combination with our other security features; if needed, password protection, TACACS, LDAP, Kerberos, RADIUS and the IP Filter can all be enabled at the same time. WTI serial switch products provide an array of powerful security features to allow our products to adapt to almost any application; security measures can be easily enabled or disabled to match the needs of your specific application.

For over 30 years, Western Telematic, Inc. (WTI) has been an innovator in the field of remote management for IT facilities. Our comprehensive product line includes a wide range of Serial Console Server products, Switched PDU products and Remote Reboot Switch products to provide secure, remote management of servers, routers and other devices.

Link to Original Content

Tags: , , ,

Comments are closed.