WTI Console Servers – IP Address Filtering to Keep Unauthorized Users Out

IP Address Filtering (or “IP Security”) allows WTI Console Server products to restrict unauthorized IP addresses and domain names from establishing inbound Telnet, web or SSH connections to the console server unit. This essentially enables network administrators to grant access to only a specific IP address or group of IP addresses, or block a group of IP addresses or an individual IP address completely.

The IP Address Filtering feature employs a TCP Wrapper program which allows the use of standard, Linux operators, wild cards and net/mask pairs to create a host based access control list. IP Address Filtering essentially creates “hosts.allow” and “hosts.deny” client lists, which enable you to define specific address, or ranges of addresses that will be allowed or denied access to console server command functions. Since Linux operators, wild cards and net/mask pairs are allowed, these lists can indicate specific addresses, or a range of addresses to be allowed or denied.

Operation of the IP Address Filtering feature is fairly simple. When IP Address Filtering is properly configured, each time that a client attempts to connect to the console server, the console server will first check to see if the client’s IP address or domain name is found in the “hosts.allow” list. If the client IP address is found in the “hosts.allow” list, the client will be granted immediate access. If the client’s IP address or domain name is not found in the Allow list, then the console will check the Deny list. If the client’s IP Address or domain name is found in the Deny list, the client will not be allowed to connect.

IP Address Filtering is just one of many different security and authentication tools that WTI Console Server products provide. In addition to IP Address Filtering, WTI Console Server products also feature a multi-level user’s directory, an invalid access alarm, dial-back security for modem based communication, plus TACACS+, LDAP, Kerberos and Radius authentication.

Since the whole purpose of a console server is to provide access to command functions on remote network elements, it’s extremely important that console servers feature multiple levels of security in order to ensure that access to sensitive command functions is adequately protected. WTI Console Server products include a comprehensive range of security and authentication features in order to allow network administrators to make certain that critical command functions are readily available to authorized personnel, yet safely hidden away from unauthorized access.

Western Telematic, Inc. (WTI) designs and manufactures remote device management products for IT applications. WTI’s Serial Console Server products, Remote Reboot products, Switched PDU products and A/B Fallback products are engineered to allow you to securely manage and troubleshoot rack equipment in remote locations.

Link to Original Content

Tags: , , , , , ,

Comments are closed.