Apple 10.6 Server User Manual


 
In theory, MAC ltering allows a network administrator to permit or deny network
access to hosts and devices associated with the MAC address, although in practice
there are methods to avoid this form of access control through address modication
(spoong) or the physical exchange of network cards between hosts.
Transport Encryption
Transferring data securely across a network involves encrypting the packet contents
sent between computers. Mac OS X Server can provide Transport Layer Security (TLS)
and its predecessor, Secure Sockets Layer (SSL), as the cryptographic protocols that
provide secure communications on the Internet for such things as web browsing, mail,
and other data transfers.
These encryption protocols allow client and server applications to communicate in a
way that helps prevent eavesdropping, tampering, and message forgery.
TLS provides endpoint authentication and communications privacy over the Internet
using cryptography. These encrypted connections authenticate the server (so its
identity is ensured) but the client remains unauthenticated.
To have mutual authentication (where each side of the connection is assured of the
identity of the other), use a public key infrastructure (PKI) for the connecting clients.
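
The difference between server-only and mutual authentication, shown as an added example that is not part of the original manual. It uses Go's crypto/tls rather than the OpenSSL library the manual names; the names example-ca, server.example and client01 and both function names are assumptions, and all certificates are generated in memory as throwaway test data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)
// issue returns a throwaway certificate for cn (constructed test data); a nil ca yields a self-signed CA.
func issue(cn string, ca *tls.Certificate) tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, DNSNames: []string{cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: ca == nil, BasicConstraintsValid: true}
	if ca == nil {
		ca = &tls.Certificate{Leaf: t, PrivateKey: key}
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, ca.Leaf, pub, ca.PrivateKey)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}
// VerifiedClientCerts runs one handshake over loopback TCP and reports how many client certificates the server verified.
func VerifiedClientCerts(policy tls.ClientAuthType, clientHasCert bool) (int, error) {
	ca, pool := issue("example-ca", nil), x509.NewCertPool()
	pool.AddCert(ca.Leaf)
	sc := &tls.Config{Certificates: []tls.Certificate{issue("server.example", &ca)}, ClientAuth: policy, ClientCAs: pool}
	cc := &tls.Config{RootCAs: pool, ServerName: "server.example"} // the client always authenticates the server
	if clientHasCert {
		cc.Certificates = []tls.Certificate{issue("client01", &ca)}
	}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", sc)
	if err != nil {
		return 0, err
	}
	defer ln.Close()
	go tls.Dial("tcp", ln.Addr().String(), cc) // client side; the demo never reads from its connection
	conn, err := ln.Accept()
	if err != nil {
		return 0, err
	}
	defer conn.Close()
	err = conn.(*tls.Conn).Handshake()
	return len(conn.(*tls.Conn).ConnectionState().PeerCertificates), err
}
func main() {
	fmt.Println(VerifiedClientCerts(tls.RequireAndVerifyClientCert, false)) // client without a certificate is refused
}
```

With tls.NoClientCert the handshake succeeds and the count is 0 even when the client holds a certificate, so the server learns nothing about who connected.
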
Mac OS X Server makes use of OpenSSL and has integrated transport encryption into
the following tools and services:
• Server administration using Server Admin and Server Preferences
• User and group management using Workgroup Manager
• Address Book Server
• iCal Server
• iChat Server
• Mail Service
• Open Directory
• Podcast Producer
• RADIUS
• SSH
• VPN (L2TP)
• Web service
Payload Encryption
Rather than encrypting the transfer of a file across the network, you can encrypt the
contents of the file instead. Files with strong encryption might be captured in transit,
but would still be unreadable.
54 Chapter 4 Enhancing Security