Lantronix 900-598 manual Security Settings, SSL Settings, Certificate and Key Generation

Page 67

10: Security Settings

SSL Settings

Secure Sockets Layer (SSL) is a protocol for managing the security of data transmission over the Internet. It provides encryption, authentication, and message integrity services. SSL is widely used for secure communication to a web server, and also for wireless authentication.

Certificate/Private key combinations can be obtained from an external Certificate Authority (CA) and uploaded into the unit. Self-signed certificates with associated private key can be generated by the device server itself.

For more information regarding certificates and how to obtain them, see the chapter, Security in Detail.

Note: The blue text in the XML command strings of this chapter are to be replaced with a user-specified name.

Certificate and Key Generation

The PremierWave can generate self signed certificates and their corresponding keys. This can be done for both the rsa and dsa certificate formats. Certificates can be identified on the PremierWave by a name provided at generation time.

 

Table 10-1 Certificate and Key Generation Settings

 

 

 

Certificate Generation

 

Description

Settings

 

 

 

 

 

Country (2 Letter Code)

 

Enter the 2-letter country code to be assigned to the new self-signed

 

 

certificate.

 

 

Examples: US for United States and CA for Canada

 

 

 

State/Province

 

Enter the state or province to be assigned to the new self-signed certificate.

 

 

 

Locality (City)

 

Enter the city or locality to be assigned to the new self-signed certificate.

 

 

 

Organization

 

Enter the organization to be associated with the new self-signed certificate.

 

 

 

Organization Unit

 

Enter the organizational unit to be associated with the new self-signed

 

 

certificate.

 

 

 

Common Name

 

Enter the common name to be associated with the new self signed

 

 

certificate. Note that this is a required field.

 

 

 

Expires

 

Enter the expiration date, in mm/dd/yyyy format, for the new self-signed

 

 

certificate.

 

 

Example: An expiration date of May 9, 2012 is entered as 05/09/2012.

 

 

 

PremierWave XC User Guide

67

Image 67
Contents XC User Guide Disclaimer WarrantyCopyright & Trademark ContactsFCC RF Radiation Exposure Statement FCC Part 15.21 StatementRevision History Introduction Table of ContentsUsing This Guide Installation of PremierWave XCLine and Tunnel Settings Using DeviceInstallerConfiguration Using Web Manager Network SettingsServices Settings Terminal and Host SettingsSecurity Settings Advanced Settings Maintenance and Diagnostics SettingsBranding the PremierWave XC 100 EventsSecurity in Detail Updating FirmwareAppendix C Compliance 107 Troubleshooting 102List of Tables List of FiguresList of Tables Chapter Description Using This GuidePurpose and Audience Summary of ChaptersDocument Description Additional DocumentationIntroduction Key FeaturesApplications Configuration Methods Troubleshooting CapabilitiesProtocol Support IP Address Addresses and Port NumbersProduct Information Label Hardware AddressProduct Label Package Contents Installation of PremierWave XCUser-Supplied Items PremierWave XC Male DB9 DTE Serial Ports Hardware ComponentsBack Panel Reset ButtonTop Panel PowerSerial Side Panel Connector DescriptionBottom Panel Installing the PremierWave XCPremierWave XC Connections 11 PremierWave XC Dimensions Accessing PremierWave XC using DeviceInstaller Using DeviceInstallerDevice Detail Summary Current Settings Description Firmware Upgradable Telnet SupportedTelnet Port Web PortAccessing Web Manager Configuration Using Web ManagerDevice Status Device StatusLayout of a typical Web Manager page is below Web Manager Page ComponentsWeb Manager Description See Navigating the Web ManagerSyslog NetworkProtocol Stack Query PortTo Configure WAN Connection Settings Network SettingsWAN Connection Settings Ddns SettingsNetwork Interface Description Settings Network 1 Interface SettingsTo View or Configure Ddns Settings Setting / Field DescriptionDhcp Client ID Default GatewayDhcp Client HostnameTo View Network 1 Interface Status Network 1 Link SettingsTo Configure Network 1 Interface Settings Network 1 Ethernet eth0 Description Link SettingsNetwork 2 Interface Status Network 2 SMS Outbound SettingsTo Configure Network 1 Link Settings Network 2 wwan0 Description SMS Outbound SettingsTo Configure Network 2 SMS Outbound Settings Network 2 SMS Inbound SettingsNetwork 2 wwan0 Description Roam Settings Network 2 Roam SettingsTo Configure Network 2 SMS Inbound Settings Network 2 wwan0 Description SMS Inbound SettingsNetwork 2 wwan0 Description GSM/GPRS Settings Network 2 GSM/GPRS Bands SettingsTo Configure Network 2 Roam Settings To Configure Network 2 GSM/GPRS bands SettingsTo Configure Network 2 SIM Pin Settings Network 2 SIM Pin SettingsNetwork 2 wwan0 Description SIM Pin Settings Enter Access Point Name APN Network 2 APN Configuration SettingsTo Configure Network 2 APN Configuration Settings Network 2 wwan0 Description APN Configuration SettingsNetwork 2 SMS Statistics Network 2 Carrier Connection SettingsTo Configure Network 2 Carrier Connection Settings Network 2 wwan0 Description Carrier Connection Settings6Network Settings Line Settings Description Line and Tunnel SettingsLine Settings ConfigurationLine Command Description Mode Settings Command ModeEcho Serial String To Configure Line SettingsStatistics To View Line Statistics Serial StringSerial Settings Tunnel SettingsTunnel Serial Description Settings Packing Mode To Configure Tunnel Serial SettingsTunnel Packing Description Mode Settings Local Port To Configure Tunnel Packing Mode SettingsAccept Mode Tunnel Accept Mode Description SettingsTo Configure Tunnel Accept Mode Settings Tunnel Connect Description Mode Settings Connect ModeReconnect Timer Connect To Configure Tunnel Connect Mode SettingsFlush Serial Data Email onTo Configure Tunnel Disconnect Mode Settings Disconnect ModeTunnel Disconnect Mode Description Settings Modem Emulation Tunnel Modem Emulation Description SettingsStatistics To Configure Tunnel Modem Emulation SettingsTo View Tunnel Statistics Terminal Settings Terminal and Host SettingsTerminal on Network Description Line Settings To Configure the Terminal Network Connection Host ConfigurationTo Configure the Terminal Line Connection Remote Address To Configure Host SettingsHost Settings Description SSH UsernameDNS Settings Services SettingsTo View or Configure DNS Settings Syslog Settings Description FTP SettingsSyslog Settings To Configure FTP SettingsTo View or Configure Syslog Settings Http SettingsHttp Settings Description Http Authentication Description Settings To Configure Http SettingsEnter the Uniform Resource Identifier URI Auth Type To Configure Http AuthenticationTo Configure RSS Settings RSS SettingsRSS Settings Description Certificate and Key Generation Security SettingsSSL Settings Certificate Generation Description SettingsTo Create a New Credential New Certificate Certificate Upload SettingsTo Configure an Existing SSL Credential Upload Certificate Description SettingsAuthority Trusted Authorities Description SettingsTrusted Authorities To Upload an Authority CertificateFile Display Maintenance and Diagnostics SettingsFilesystem Settings File Display Commands DescriptionFile Transfer File Modification Description CommandsFile Transfer Settings Description File ModificationTo Transfer or Modify Filesystem Files Protocol Stack SettingsTo Configure IP Network Stack Settings Protocol Stack Description IP SettingsMAC Address To Configure Icmp Network Stack SettingsTo Configure ARP Network Stack Settings Protocol Stack Description Icmp SettingsTo Configure Snmp Network Stack Settings To Configure Smtp Network Stack SettingsProtocol Stack Description Snmp Settings Query Port Settings Description To Configure Query Port SettingsQuery Port To View the List of IP Sockets DiagnosticsHardware To View Hardware Information IP SocketsTo Perform a Traceroute Diagnostics Description Traceroute SettingsTo Ping a Remote Host TracerouteMemory To Configure the Diagnostic Log OutputDiagnostics Description Log Settings LogTo View Route Information ProcessesTo View Process Information RouteTo Reboot or Restore Factory Defaults System SettingsSystem Settings Description Email Configuration Description Settings Advanced SettingsEmail Settings To View, Configure and Send EmailCommand Line Interface Description Configuration Settings Command Line Interface SettingsBasic CLI Settings To View and Configure Basic CLI SettingsTo Configure Telnet Settings Telnet SettingsTelnet Settings Description XML Export Configuration XML SettingsSSH Settings To Configure SSH SettingsXML Export Configuration Description Settings To Export Configuration in XML FormatXML Export Status XML Import ConfigurationImport Configuration from External File XML Export Status Settings DescriptionImport Configuration from Description Filesystem Settings Failover SettingsImport Configuration from the Filesystem To Import Configuration in XML FormatFailover Settings Description To Configure Failover SettingsTo Configure Relay Output Settings Relay Output SettingsRelay Output Settings Description Event Alerts Event Alert Settings DescriptionEvents Event OverviewTo Configure Input 2 Settings To Configure Input 1 SettingsTo Configure Main Power Fail Settings To Configure Wwan0 Link Down Settings To Configure Backup Power Fail SettingsEvents Status and Clearing Events To Configure Ethernet Link Down SettingsTo Clear Events Trusted Authorities Security in DetailPublic Key Infrastructure Digital CertificatesOpenSSL Obtaining CertificatesSelf-Signed Certificates Certificate FormatsFree Radius Steel Belted RadiusTo upload new firmware Updating FirmwareObtaining Firmware Loading New Firmware through Web ManagerLoading New Firmware through FTP Web Manager Customization Branding the PremierWave XCShort and Long Name Customization To Customize Short or Long Names Name Settings DescriptionProblem/Message Reason Solution TroubleshootingDiagnostic LED States Problems and Error MessagesTroubleshooting Technical Support US Appendix a Technical SupportConversion Table Appendix B Binary to Hexadecimal ConversionsConverting Binary to Hexadecimal Scientific CalculatorAppendix B Binary to Hexadecimal Conversions Product Name Model Appendix C ComplianceManufacturers Contact Device Label with CE Mark and FCC IDSLB SLC SLP RoHS Notice

900-598 specifications

The Lantronix 900-598 is a powerful and versatile device designed to facilitate robust data communication and management for industrial and commercial applications. At the heart of the 900-598 lies its advanced networking capabilities, making it an essential tool for IoT implementations, operational efficiency, and remote device management.

One of the main features of the Lantronix 900-598 is its ability to provide secure and reliable connectivity. The device supports various communication protocols, including serial and Ethernet, enabling seamless integration with a wide array of devices across diverse environments. This flexibility allows users to connect legacy equipment to modern networks, thereby extending the life of existing technologies while enhancing operational capabilities.

The Lantronix 900-598 is equipped with robust security measures to protect sensitive data during transmission. It supports encryption protocols, such as SSL and SSH, ensuring that data remains confidential and secure from unauthorized access. This security is crucial for industries dealing with sensitive information, such as healthcare, finance, and manufacturing, where data breaches can have severe repercussions.

Another notable characteristic of the 900-598 is its ease of use. The device features a user-friendly interface that simplifies setup and configuration. Additionally, it supports remote access and management, allowing users to monitor and control devices from virtually anywhere. This remote management capability is particularly advantageous for organizations with distributed operations, enabling them to maintain oversight without needing to be physically present at each location.

In terms of performance, the Lantronix 900-598 offers high-speed data transfer rates, which are essential for real-time applications. It is designed to handle large volumes of data efficiently, making it suitable for applications that require quick responses and minimal latency. The device ensures reliable operation through features like error correction and data integrity monitoring.

Lastly, the Lantronix 900-598 is built to withstand challenging environmental conditions, thanks to its rugged design. This durability makes it suitable for deployment in harsh industrial settings, where exposure to dust, moisture, and extreme temperatures is common.

In conclusion, the Lantronix 900-598 stands out as an advanced solution for data communication and device management. Its combination of secure connectivity, ease of use, high performance, and durability makes it an excellent choice for businesses looking to modernize their operations and embrace the future of IoT and remote management. With its extensive features and robust technologies, the 900-598 is poised to enhance productivity and streamline processes across various industries.