Filter
Top Products
SLB™ Branch Office Manager User Guide 266
B: Security Considerations
The SLB branch office manager provides data path security by means of SSH or
Web/SSL. Even with the use of SSH/SSL, however, do not assume you have complete
security. Securing the data path is only one measure needed to ensure security. This
appendix briefly discusses some important security considerations.
Security Practice
Develop and document a Security Practice. The Security Practice should state:
The dos and don’ts of maintaining security. For example, the power of SSH and
SSL is compromised if users leave sessions open or advertise their password.
The assumptions that users can make about the facility and network
infrastructure, for example, how vulnerable the CAT 5 wiring is to tapping.
Factors Affecting Security
External factors affect the security provided by the SLB device, for example:
Telnet sends the login exchange as clear text across Ethernet. A person
snooping on a subnet may read your password.
A terminal to the SLB branch office manager may be secure, but the path from
the SLB device to the end device may not be secure.
With the right tools, a person having physical access to open the SLB branch
office manager may be able to read the encryption keys.
There is no true test for a denial-of-service attack—there is always a legitimate
scenario for a request storm. A denial-of-service filter locks out some high-
performance automated/scripted requests. The SLB device will attempt to service
all requests and will not filter out potential denial–of-service attacks.