Security
Authentication
Authentication | The MasterSwitch PDU controls access by providing basic |
versus encryption | authentication through user names, passwords, and IP addresses, but |
| provides no type of encryption. These basic security features are |
| sufficient for most environments, in which sensitive data is not being |
| transferred. To ensure that data and communication between the |
| MasterSwitch PDU and the client interfaces, such as Telnet and the |
| Web browser, cannot be captured, you can provide a greater level of |
| security by enabling MD5 authentication (described below) for the Web |
| interface. |
MD5 | The Web interface option for MD5 authentication enables a higher level |
authentication | of access security than the basic HTTP authentication scheme. The |
(Web interface) | MD5 scheme is similar to CHAP and PAP remote access protocols. |
| Enabling MD5 implements the following security features: |
| • The Web server requests a user name and a password phrase |
| (distinct from the password). The user name and password |
| phrase are not transmitted over the network, as they are in |
| basic authentication. Instead, a Java login applet combines the |
| user name, password phrase, and a unique session challenge |
| number to calculate an MD5 hash number. Only the hash num- |
| ber is returned to the server to verify that the user has the cor- |
| rect login information; MD5 authentication does not reveal the |
| login information. |
| • In addition to the login authentication, each form post for config- |
| uration or control operations is authenticated with a unique chal- |
| lenge and hash response. |
| • After the authentication login, subsequent page access is |
| restricted by IP addresses and a hidden session cookie. (You |
| must have cookies enabled in your browser.) Pages are trans- |
| mitted in their |
| Continued on next page |
MasterSwitch Power Distribution Unit User’s Guide | 40 |
