Secure remote management of network devices found

Secure remote management of network devices found The vast majority of networks of remotely located equipment such as routers, switches and other network devices that are not in the same location or accessible by technicians. Network devices can be tens or hundreds of miles away from your network administrator. Network administrators and technicians require regular access to the router and switch the remote site and immediate access when problems arise, in order to solve problems, solve problems and restore operations. The faster a network administrator can remotely access and fix the devices within the network, the fastest average time to repair (MTTR) and the increased availability of the network. The safe management of the router located at a distance, switches and other network devices is essential for reliable, dependable and highly available networks. The networks must be flexible in the attack, which responds to the needs of clients and work at affordable prices. Methods for remote administration of the day did not have the appropriate level of security in such vital functions. Enged Technologies, Inc. provides a solution with the appliance Secure Remote Management (SRMa?). The enged SRMa? provides the benefits of cost savings for remote management, while eliminating potential security vulnerabilities. Fund is not profitable or visits should be made remotely located routers, switches and other network devices for troubleshooting or maintenance. The costs are prohibitive, both in terms of time and personnel, by a qualified technician to be sent to the remote site for the operation and maintenance of all located at a distance of routers, switches or other network device. Time constraints of cost and network devices to be managed remotely. A solution for remote management of devices ideally the support of multiple communication paths, as in a band and a backup outside band. During the band administrator access on the remote communicates with the router or switch using the same network path as a router or switch you are using the data transport. When using the band administrator backup outside the path of communication with the remote router or a switch to the alteative path of communication that is used for data transport network. Industry efforts to achieve cost-effective remote management have implemented more frequently in a data network bandwidth solution for the management of devices located remotely. Generally, and unfortunately, many of the methods do not protect data management, or to authenticate users in an effective way to ensure the administrator is the person who claims to be. The timing of these and other insecure network structures and practices are acceptable is long past. Companies should take a look today at the best way to provide security and cost effective remote management of their networks. Compromise the security of the convenience of remote access to network devices is not acceptable. Too many network administrators have compromised the security of networks, using remote management solutions that are not safe. The industry has worked to find a compromise between the requirement for remote administration of routers, switches and other network devices and the need to maintain security during access. The National Security Agency (NSA) has published guidelines for the safety of the router, it is recommended to limit the router and switch access management techniques in physical force, even if it requires the technician to travel to that site. While this is safe, is not necessarily commercial practices in the world. Realizing this, the NSA recommended security level alteatives using a network device for remote management of the network, restricting access to network administrators. The cost of building a dedicated network for management would be too expensive for most businesses. Another solution is required. Secure Remote Management enged apparatus (SRMa?) Is the solution. (Security issues The security of remote management applications should be examined carefully. The safety of access to the router and switch is a particular conce when allowing remote management. In most networks, management of devices for limiting physical access alone is not practical because of cost. Enabling a remote device management in order to avoid the costs and delays of the release of a person as the remote site could allow a hacker to use this form for remote access If an attack remote management solution is not very secure. enged The appliance Secure Remote Management (SRMa?) is "built" to provide the necessary security for remote administration. physical security requirements for network elements that should ensure, first, physically secure. Without physical security, is almost certain an attacker can compromise a router or switch. The facilities that house network devices remotely located security. This is a fundamental requirement for the security network . attivazione outgoing bandwidth management system out-of-band remote management director general of the connection to a console management port or the router or switch to a public or shared network. While the band outside a dedicated network would be the preferable solution for most of the out-of-band security management, the cost is usually prohibitive. Certain types of public shared network such as the PSTN or an Integrated Services Digital Network (ISDN) can provide the most economical solution for the connection of an outside band. The safety of this resource, however, is a major conce. enged The SRMa? is built for safety and to provide the most profitable. Although the most simple way of out-of - band for remote connectivity to a router or switch is to put a modem in the device console port for connecting to public switched telephone network (PSTN), total perimeter security for the network, such as a firewall or a list access, just completely over, thus providing a way to vulnerable to attack by intruders on the network. If an attacker knows or is able to determine the phone number for the modem then the only security is the protection of data access router. War markers can generally find the phone numbers for these modems. The modem is not a good solution, but it is one that many network administrators are effectively implemented in their networks. Even the threats to security, some administrators network that the modem to the console ports of routers and other devices on the network. For them, the operational benefits of having the modem in the network device outweigh the risks. they need the option of remote access and management of devices network and are willing to compromise on safety, because there was no better alteative. Another network administrators chose to use a modem that requires a user name and password can be generated single sheets, or use of smart card for access. Normally, only the top of the line of modems offer this feature, and even those with a limited number of users that can be configured. The administration of user names and passwords is a nightmare that often a single useame and password and configure each user shares the same password. This creates a real safety problem that is too common in many networks today. Commitment to security is not required when enged SRMa? is injected into the network. The placement a modem on the console port of a network device like a router, may not always indicate if the analog modem and it works properly before the interruption of a network. If the modem does not respond during the identification of problems is not a strong indicator that one wishes that the site has lost power. It is possible that some of the "out of band" connection has been disconnected or have failed without being detected. It is not unknown for a telephone line connected to the modem router to be in a "borrowed" for other purposes, and never retued. "If there's a problem with the" out of band "way of being discovered and corrected before there is an interruption of network data, where there is an interruption. Checks and analysis outside the band connection can solve this problem. enged appliance Secure Remote Management (SRMa) this. In large corporate networks could be the decision that the risks are too great to allow the installation of a modem, and are not allowed. They have the ability to access and manage network devices, which require slow and costly access. There is no acceptable alteative or better has been available until now: the management apparatus enged Certification (SRMa). Ensure that all protocols Network Management Protocol management of the network should be safe. Most of the protocols on the remote management of routers and switches do not provide the confidentiality and integrity of information transmitted between the remote device and the network administrator, or to confirm the authentication of the parties conceed. This is particularly important if a public network such as the PSTN is used for out-of-band connectivity. enged The Solution The Secure Remote Management Appliance (SRMa?) is a "construction" very secure embedded device, providing multi-path, cost-saving remote management of network devices. enged The SRMa? protects management interfaces of the network. SRMa the key features: * Yes protects the lines of communication, both in band and out-of-band, used to manage the device remotely, * Implements the functions to improve the availability of a location to manage the devices * Provides advanced features to accelerate problem determination and repair a problem, and * faster and allows for easier maintenance devices located remotely from the network administrator. * Ensure both in band and out-of-band management of the communication path, the full path * Supports multiple centralized authentication for ' access by managers, * All access to centralized network services, including server authentication in off-band (OOB), and the connection bandwidth connection, connections * Monitor (OOB, Console, in the band) and when the records are not available, * Ensure all management protocols (SNMP, TFTP, XML, ...) * Notice of a power outage, * Prevents the hijacking of the distance of privilege device console port. enged appliance Secure Remote Management ( SRMa?) On existing businesses throughout the world are rethinking and review of all aspects of the security vulnerabilities of the network, as the cost of scaling up. High network availability and the need that you want. enged appliance Secure Remote Technologies Management (SRMa?) allows the complete remote network management of secure, high availability networks. The SRMa? solution and provides the necessary reliability. enged The appliance Secure Remote Management (SRMa?) is "built" to do so. The SRMa? physically together with your computer remotely. Ubicación which could be many miles from where the Network Operations Center and central server is responsible. The SRMa? is connected to the Network Operations Center (NOC) through In-Band Out-and back-up band (OOB), lines of communication. SRMa Access? the NOC is via a gateway device. A network administrator, whether in the NOC, or in connection with the VPN connection through a NOC communicates with the remote located SRMa? through the gateway when used for the band or OOB back roads, never intended to settle away SRMa located?. This design allows for authorization and authentication of administrators at all times. This design allows the SRMa? to take full advantage of all servers in the NOC, in any time, both during and Band OOB communications. This is an important safety advantage SRMa? design compared to other solutions on the market today. The SRMa? is designed to be the solution to improve the infrastructure as a safety net for improve management and reduce costs of network operator. When network security is a necessity, and its profitability, timely management of the network is important, enged appliance Secure Remote Management (SRMa?) provides the solution. ==== ===== =================== Article Date: 20 April 2004 Article Links: - Secure Remote Device Management (SRMa?) - - enged Technologies, Inc.? 2005 enged Technologies, Inc. () You can reproduce this article online and in print provided the links remain live and the content remains unaltered (including the "About the Author" message).