TLS – Transport Layer Security

TLS is the successor to SSL and supports a wider variety of cryptographic algorithms for access security. It is standardized by the Internet Engineering Task Force (IETF). The protocol provides secure communication over a TCP/IP connection such as the Internet. It uses digital certificates for authentication and digital signatures to ensure message integrity, and it can use public key cryptography to ensure data privacy. A TLS service negotiates a secure session between two communicating endpoints. TLS is built into recent versions of all major browsers and web servers. Although the TLS and SSL protocols are not interoperable, TLS secure transport can fall back to SSL 3.0 if a TLS session cannot be negotiated.

MAC Addressing

Another aspect of network security is blocking computers from accessing the network by requiring the switch port to validate the Media Access Control (MAC) address of each connected device against a known list of approved MAC addresses. If an insecure secondary device is connected to a switch port, this level of control allows authorized users to continue accessing the network while packets from unauthorized devices are dropped.
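The per-port MAC validation described above, as an added example that is not GarrettCom's code: the allow-list, port names and MAC values are constructed, and the point is that every address is normalized before comparison so that notation differences (colon, hyphen, Cisco dotted) and malformed addresses cannot slip past the check, while each dropped frame leaves a log line for the operator.

```python
import re
from typing import Dict, Iterable, List, Set, Tuple

# Constructed allow-list (hypothetical values): switch port -> approved source MACs.
# Entries use mixed notations on purpose; normalize_mac() makes them comparable.
APPROVED_MACS: Dict[str, Set[str]] = {
    "port1": {"00:1A:2B:3C:4D:5E", "00-1a-2b-3c-4d-5f"},
    "port2": {"001a.2b3c.4d60"},
}

_HEX12 = re.compile(r"^[0-9a-f]{12}$")

def normalize_mac(mac: str) -> str:
    """Return a MAC as 12 lowercase hex digits; accepts colon, hyphen and
    Cisco dotted notation and rejects anything that is not exactly 48 bits,
    so a malformed address can never match an approved one."""
    digits = re.sub(r"[:.\-]", "", mac.strip().lower())
    if not _HEX12.match(digits):
        raise ValueError(f"not a valid MAC address: {mac!r}")
    return digits

def build_port_table(approved: Dict[str, Set[str]]) -> Dict[str, Set[str]]:
    """Normalize every configured entry once, when the policy is loaded."""
    return {port: {normalize_mac(m) for m in macs} for port, macs in approved.items()}

def filter_frames(table: Dict[str, Set[str]],
                  frames: Iterable[Tuple[str, str]]) -> Tuple[List[Tuple[str, str]], List[str]]:
    """Apply the per-port allow-list to (port, source MAC) pairs and return the
    frames to forward plus one log line per dropped frame for operator review."""
    forwarded: List[Tuple[str, str]] = []
    dropped: List[str] = []
    for port, src in frames:
        try:
            key = normalize_mac(src)
        except ValueError:
            dropped.append(f"{port}: dropped frame with malformed source MAC {src!r}")
            continue
        # A port with no configured entries forwards nothing (fail closed).
        if key in table.get(port, set()):
            forwarded.append((port, src))
        else:
            dropped.append(f"{port}: dropped frame from unapproved MAC {src}")
    return forwarded, dropped

# Constructed sample traffic: two approved stations, one approved MAC on the wrong port, one unknown.
SAMPLE_FRAMES = [("port1", "00:1a:2b:3c:4d:5e"), ("port2", "00:1A:2B:3C:4D:60"),
                 ("port2", "00:1a:2b:3c:4d:5f"), ("port1", "de:ad:be:ef:00:01")]
```

Running `filter_frames(build_port_table(APPROVED_MACS), SAMPLE_FRAMES)` forwards the first two frames and logs the other two as dropped.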

Remote Security

The farther afield the users who need to access an industrial network, the more critical it is that the network design provide system-wide protection. Standards such as Remote Authentication Dial In User Service (RADIUS 802.1x) and Terminal Access Controller Access Control System (TACACS+) secure user identity. For additional data security, Secure Shell (SSH) extends total system security by shielding traffic passing through the switch. Switch manufacturers support data security using these standards, but the implementation requires broader compliance than an individual switch alone can provide.

GarrettCom Ethernet Networks and Web Management manual