MAS administration and security
This chapter describes the administration tasks and security tools associated with MAS operation and management.
Navigation
• Access security setup
• Remote Desktop Protocol
• IPSEC configuration
• Security tools
• Certificate management
• Service and configuration data backup
• Automatic and manual backups
• System maintenance
Access security setup
Administrative access to the MAS is obtained using the Microsoft Remote Desktop Connection Client. This client is based on the Remote Desktop Protocol (RDP), which provides access over separate virtual channels.
To enhance security, management access is restricted to a limited number of authorized IP addresses. The number of authorized IP addresses must be less than or equal to the number of network administrators.
A timeout feature, set to a default value of 15 minutes, disconnects idle connections. In addition, management ports that receive three consecutive failed login attempts are made unavailable for at least 60 seconds, and network-connected management ports drop, within 15 seconds, a connection or session that becomes disconnected for any reason.
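The following added example is not part of the Nortel documentation. It audits a management-port login log against the allow-list and lockout rules stated above; the record format, the function name, and the sample addresses are assumptions made for illustration.

```python
from ipaddress import ip_address

MAX_CONSECUTIVE_FAILURES = 3   # chapter: three consecutive failed login attempts
LOCKOUT_SECONDS = 60           # chapter: unavailable for at least 60 seconds


def audit_management_log(events, authorized_ips, admin_count):
    """Return findings where the log contradicts the access rules.

    events: time-ordered (ts_seconds, source_ip, outcome) tuples for one
    management port, outcome "fail" or "success" (assumed record format).
    """
    findings = []
    allowed = {ip_address(a) for a in authorized_ips}
    if len(allowed) > admin_count:
        findings.append((None, "allow-list exceeds administrator count"))

    failures = 0
    locked_until = None
    for ts, src, outcome in events:
        if ip_address(src) not in allowed:
            findings.append((ts, f"attempt from unauthorized address {src}"))
        if locked_until is not None and ts < locked_until:
            # The port should have been unavailable; nothing should be logged.
            findings.append((ts, "attempt processed during lockout window"))
            continue
        if outcome == "success":
            failures = 0               # only consecutive failures count
        else:
            failures += 1
            if failures == MAX_CONSECUTIVE_FAILURES:
                locked_until = ts + LOCKOUT_SECONDS
                failures = 0
    return findings


# Constructed sample data: documentation addresses, timestamps in seconds.
SAMPLE_ALLOWED = ["192.0.2.10", "192.0.2.11"]
SAMPLE_EVENTS = [
    (0, "192.0.2.10", "fail"),
    (5, "192.0.2.10", "success"),     # success resets the failure count
    (100, "192.0.2.11", "fail"),
    (104, "192.0.2.11", "fail"),
    (109, "192.0.2.11", "fail"),      # third consecutive failure: locked until 169
    (130, "192.0.2.11", "success"),   # inside the 60-second window: finding
    (170, "198.51.100.7", "fail"),    # outside the allow-list: finding
]

if __name__ == "__main__":
    for ts, msg in audit_management_log(SAMPLE_EVENTS, SAMPLE_ALLOWED, admin_count=2):
        print(ts, msg)
```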
RDP traffic is separated from other traffic through the use of a virtual local area network (VLAN). A VLAN is added through the Broadcom Advanced Control Suite, and a virtual adapter is created for each VLAN added.
Nortel Media Application Server 6.0 for AS 5300
Fundamentals
Release 6.0 03 June 2008
Copyright © 2008, Nortel Networks