Appendix A: Security Considerations

The SLC advanced console manager provides data path security by means of SSH or Web/SSL. Even with the use of SSH/SSL, however, do not assume you have complete security. Securing the data path is only one measure needed to ensure security. This appendix briefly discusses some important security considerations.

Security Practice

Develop and document a Security Practice. The Security Practice should state:

The dos and don'ts of maintaining security. For example, the power of SSH and SSL is compromised if users leave sessions open or advertise their password.

The assumptions that users can make about the facility and network infrastructure, for example, how vulnerable the CAT 5 wiring is to tapping.

Factors Affecting Security

External factors affect the security provided by the SLC unit, for example:

Telnet sends the login exchange as clear text across Ethernet. A person snooping on a subnet may read your password.

A terminal to the SLC may be secure, but the path from the SLC 8000 advanced console manager to the end device may not be secure.

With the right tools, a person with physical access to open the SLC unit may be able to read the encryption keys.

There is no true test for a denial-of-service attack. There is always a legitimate scenario for a request storm. A denial-of-service filter locks out some high-performance automated/scripted requests. The SLC 8000 advanced console manager will attempt to service all requests and will not filter out potential denial-of-service attacks.

SLC™ 8000 Advanced Console Manager User Guide

328

Page 328
Image 328
Lantronix SLC 8000 manual Appendix a Security Considerations, Security Practice, Factors Affecting Security