Xceedium Xio Framework: Securing Remote Out-of-band Access
|
|
- Russell Burns
- 5 years ago
- Views:
Transcription
1 Xceedium Xio Framework: Securing Remote Out-of-band Access 1 Common Scenario A major corporation, with many domestic and international offices, has a massive network infrastructure that spans across many regions, such as America, Europe, and Asia/Pacific. For each of its numerous server rooms, redundant data centers, disaster recovery sites, and some co-location facilities found throughout the world, the company has, over time, deployed 100s of terminal server devices (a conservative estimate) to enable out-of-band access for administration and maintenance purpose. The terminal servers are for their network and telecommunication equipments, as well as many UNIX servers. For their Intel-based server environment, numerous KVM switches have also been deployed to allow access to multiple servers by the sharing of keyboard, video, and mouse (KVM). Typically, a terminal server (sometime also known as a console device) has a network interface and several serial ports. Each serial port is for connecting to the console port commonly found on network and UNIX-based devices. The console port on each device is intended for allowing access to the device without relying on the network interface on the device. For Intel servers connected to a KVM switch, the system administrator is physically working in front of the KVM. These are two common methods of outof-band console access. Securing Terminal Server Access Network engineers and UNIX administrators traditionally access via the out-of-band method by establishing a Telnet session from a desktop to the particular terminal server that has a serial connection to the console port on the backend device. Figure 1 illustrates a typical out-of-band configuration. Figure 1: Standard Out-of-Band Implementation
2 Known Issues 2 As showed in Figure 1, this type of setup has several known security concerns and limitations: 1. The Telnet session over the network, which is a clear text stream, can be easily snooped by anyone on the network with minimal effort. Information such as login account and password entered during the session can be discovered over the wire. This issue is particularly significant to the security infrastructure, where network and firewall devices have to be guarded against both external and internal users. 2. The terminal server devices are generally connected to the corporate backbone, which can be accessed by anyone on the network. One major issue concerning unauthorized access is that most legacy terminal server devices do not support per-port authentication. This means that if the IP address of a terminal server is known, then someone on the network can attempt to access the back-end devices connected to the terminal server by issue the following command: telnet ip_of_terminalserver port, where port is a number associated to the serial port number on the terminal server. In some cases, when the console of the back-end device is open, the unauthorized person can gain access to the device with the highest level of access right. 3. Telnet is generally blocked by the corporate firewall so off-site engineers are not allowed to gain access to the terminal servers over the Internet. Remote access into the private network by offsite engineers must rely on either a VPN or a dial-in facility. 4. Auditing of all out-of-band access sessions from anywhere to anywhere by anyone is an impossible task. Solutions Proven Ineffective To address these age-old issues, a new breed of terminal server device has emerged from various vendors. The new generation terminal server is basically a legacy terminal server with Telnet being replaced by the Secure Shell (SSH) or another form of built-in encrypted access. This new capability protects the transmission over the network by encrypting the session between the authorized user and the connected terminal server. Figure 2: Replacing Legacy with New SSH-enabled Terminal Servers Note: 1. Encrypted session prevents snooping. 2. SSH-enabled terminal server devices can still be reachable by anyone on the network.
3 As illustrated in Figure 2, the encrypted connection between the authorized user and the new terminal server device is protected. Therefore, security vulnerability associated with network snooping is resolved. However, because the new terminal servers are still connected to the corporate network, unauthorized access attempts can still occur simply by using a SSH client installed on a workstation residing somewhere on the network. One major issue pertaining to this solution is costs. In order to adopt this type of solution, the company has to purchase 100s of the new generation terminal servers, which can be as much as $3000 for each unit. Furthermore, previous investment on the existing 100s of legacy terminal servers is immediately lost. As such, this solution becomes economically ineffectively. Another potential issue is the amount of manual labor required to perform the terminal server replacements. As each terminal server generally connects to at least 8 backend devices, rewriting and reconfiguring 100s of new devices may necessitate a dedicated effort as well as possible service outage due to hardware downtime. Other issues exist with this solution. Such as: No Centralized Access Management for all out-of-band access. Can not easily establishing a Policy-based Access Control to differentiate authorized users. Limited expandability to include non-serial out-of-band access methods, such as kvm-over-ip and remote power control. Lack of integrated access control to incorporate other methods of access. Due to the high costs and labor intensiveness of this solution, very few companies have adopted it today. 3 Xio UAG Enhances Legacy Terminal Servers Xceedium s Xio UAG can be easily applied in this scenario to completely eliminate the need to replace the existing terminal servers. Furthermore, the resulting benefit can be extended beyond securing console access for network devices and various UNIX servers. Figure 3 illustrates the simplicity of utilizing the Xio UAG as a gateway for controlling access, and the flexibility it offers for future extension of control. Figure 3: Xio UAG secures and web-enables all existing terminal servers with centralized control
4 In Figure 3, the Xio UAG can be setup to use its 1 st network interface to connect to the corporate network; and the 2 nd network interface is used to create a dedicated out-of-band network segment where all terminal servers are attached. This isolated network can not be accessed by anyone without going through the Xio UAG, and only authorized users can access the Xio UAG. This method of implementation offers a number of benefits: 1. No need to replace the 100s of legacy terminal servers. This eliminates the high cost of purchasing new terminal servers with built-in encryption. This also eliminates the need to rewire cables between the terminal servers and the backend devices. 2. Each authorized user for out-of-band access is registered with the Xio UAG. Xio UAG s user profiling enables the company to establish a policy-based control for all serial out-of-band access. 3. All terminal servers, backend devices, user profiles, and access policy are centrally managed. 4. Authorized sessions are protected by a 128bit encryption between the user and the Xio UAG. Snooping is effectively eliminated. 5. Xio UAG supports Radius so token security can be used to enhance access control for mission critical computing environments, internally. 4 Xio UAG Enhances Legacy KVM Switches Leveraging the Xio UAG, along with the dedicated out-of-band network created for complete control of remote out-of-band access for terminal servers, the company can now effortlessly extend its access control to include remote KVM console access for all the Intel servers. Working in conjunction with one of Xceedium s add-on options, a KVM-over-IP module, the company s legacy KVM switches can be accessed over the network. Figure 4 illustrated how KVM out-of-band can be incorporated into the Xio framework. Figure 4: Extending Xio UAG to centrally manage all remote out-of-band access Each KVM-over-IP module supports one legacy KVM switch, which may be shared by 8,16,24,32 or more Intel servers (depending on the capability of the existing legacy KVM switch). This module takes advantage of the central access management framework provided by the Xio UAG already deployed. The follow benefits are immediate attainable with such a simple extension of the Xio UAG s capability: 1. KVM console can be access remotely using a browser. There is no more distance restriction. 2. The KVM console sessions are immediately protected by the Xio UAG s security framework: policy-based access, central management, user profiling, encrypted data transmission, and session auditing. 3. A local KVM port is available on the module for connecting a monitor, keyboard, and mouse. 4. KVM access becomes an integral part of the company s new secure out-of-band infrastructure.
5 Xio UAG Controlling Remote Power Access 5 Additional add-on power control options can further the company s centralized management of remote access security. Figure 5 illustrates the ease of incorporating remote power control into the existing Xio framework. Figure 5: Extending Xio UAG to centrally manage all remote power control There are a variety of add-on power modules available to meet different setup requirements. The Xio UAG supports Xceedium-brand power modules as well as some 3 rd -party network-enabled power management products. Remote power control access is managed by the same security policy defined in the Xio UAG. The Complete Xio Secure Out-of-Band Access Framework With the Xio framework in place for LAN-based remote out-of-band access, centralized management can accommodate for all external use. By utilizing the 3 rd network interface on the Xio UAG, the company can safely extend its secure out-of-band access framework to facilitate many remote applications. Figure 6 illustrates the complete Xio framework for all remote out-of-band access and power management. Incoming sessions, originated from either the Internet or Extranet, from authorized users (such as vendor support engineers or mobile IT resources) are secured without requiring a VPN setup or a dedicated dialin facility. The Xio UAG supports Radius for token security as well as provides for multi-level authentications. Combining the user profiling and policy-based access control, authenticated remote users can only access specific IT devices via the specific allowed access methods defined in the profile. This type of remote access provisioning is more suitable for non-trusted user than a VPN solution. WAN applications include remote IT administration and troubleshooting. Xio UAG enables engineers to respond to remote IT issues in real time, thereby eliminating travel time and associated expenses. Colocated IT facilities can be fully accessed for remote IT administration by the company s in-house engineers. This eliminates the dependency on the providers potentially limited technical capability. Beyond the Out-of-Band Access While this documentation introduces the Xio framework specific to seizing full control of all remote out-ofband access, the Xio UAG can fully support virtually all known in-band access methods such as graphical sessions in X, Windows, and Mac; and text-based sessions by Telnet, SSH, and Informational
6 documents are available for implementing the Xio framework solution for all in-band and out-of-band access management. Please check our website for additional detail: 6 Figure 6: The Complete Xio Secure Out-of-Band Access Framework Implementation
7 APPENDIX A: Practical choke point Application for SAN environment 7 A typical SAN infrastructure can be secured by creating an access choke point to enforce security and manage access control. The follow simplified diagram illustrates the vulnerability within the SAN infrastructure and how it can be addressed using the Xio framework. Figure 7: Securing administrative access to all SAN components
8 APPENDIX B: Practical choke point Application for Enterprise Access Control 8 An enterprise implementation of the Xio framework would require the Management Console (MC) unit to centrally manage users, devices, and access policies. Additionally, the MC provides a central repository for logs from all managed Xio UAG devices. The MC offers enterprises the ability to deploy n-active Xio UAG devices without the limitation generally found in active-passive pair configuration architecture. Figure 8: Securing administrative access to all SAN components
Opengear Technical Note
) 0 FO U N D Y FastIron Workgroup X N E T WO R K S C o n s o le L in k 0 P o w e r F F F F 0 0 0 0 0 0 S Y T R P S S T A T D U P L X S P E E D M O D E 0 0 -Port Standard KVM Switch Model B00-00 0 0 C at
More informationRemote power and console management in large datacenters
Remote power and console management in large datacenters A Horváth IT department, CERN, CH-1211 Genève 23, Switzerland E-mail: Andras.Horvath@cern.ch Abstract. Today s datacenters are often built of a
More informationWHITE PAPER. Good Mobile Intranet Technical Overview
WHITE PAPER Good Mobile Intranet CONTENTS 1 Introduction 4 Security Infrastructure 6 Push 7 Transformations 8 Differential Data 8 Good Mobile Intranet Server Management Introduction Good Mobile Intranet
More informationHikCentral V.1.1.x for Windows Hardening Guide
HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote
More informationREMOTE IT MANAGEMENT SOLUTIONS: MANAGE REMOTE OFFICES WITHOUT LEAVING YOURS
REMOTE IT MANAGEMENT SOLUTIONS: MANAGE REMOTE OFFICES WITHOUT LEAVING YOURS IT Challenges AT THE REMOTE OFFICE Compared to data centers, remote offices and facilities pose unique hardware and IT management
More informationMulti-Layered Security Framework for Metro-Scale Wi-Fi Networks
Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks A Security Whitepaper January, 2004 Photo courtesy of NASA Image exchange. Image use in no way implies endorsement by NASA of any of the
More informationHikCentral V1.3 for Windows Hardening Guide
HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationSecuring Access to Network Devices
Securing Access to Network s Data Track Technology October, 2003 A corporate information security strategy will not be effective unless IT administrative services are protected through processes that safeguard
More information31270 Networking Essentials Focus, Pre-Quiz, and Sample Exam Answers
31270 Networking Essentials Focus, Pre-Quiz, and Sample Exam Answers CONTENTS Focus Questions... 2 Chapter 1: Explore the Network... 2 Chapter 2: Configure a Network Operating System... 5 Chapter 3: Network
More informationEchidna Concepts Guide
Salt Group Concepts Guide Version 15.1 May 2015 2015 Salt Group Proprietary Limited. All rights reserved. Information in this document is subject to change without notice. The software described in this
More informationWHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution
WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. We have been
More informationVMware HA: Overview & Technical Best Practices
VMware HA: Overview & Technical Best Practices Updated 8/10/2007 What is Business Continuity? Business Continuity = Always-on uninterrupted availability of business systems and applications Business Continuity
More informationSecuring Wireless Networks by By Joe Klemencic Mon. Apr
http://www.cymru.com/ Securing Wireless Networks by By Joe Klemencic (faz@home.com) Mon. Apr 30 2001 Many companies make attempts to embrace new technologies, but unfortunately, many of these new technologies
More informationIntranets and Virtual Private Networks (VPNs)
Intranets and Virtual Private Networks (VPNs) Definition Private networking involves securely transmitting corporate data across multiple sites throughout an entire enterprise. Creating a truly private
More informationSecuring the Empowered Branch with Cisco Network Admission Control. September 2007
Securing the Empowered Branch with Cisco Network Admission Control September 2007 Presentation_ID 2006 Cisco Systems, Inc. All rights reserved. 1 Contents 1 The Cisco Empowered Branch 2 Security Considerations
More informationTwo-factor Authentication: A Tokenless Approach
Two-factor Authentication: A Tokenless Approach Multi-factor Authentication Layer v.3.2-010 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 617.674.2727 E-mail:
More informationSolution Overview Vectored Event Grid Architecture for Real-Time Intelligent Event Management
Solution Overview Vectored Event Grid Architecture for Real-Time Intelligent Event Management Copyright Nuvon, Inc. 2007, All Rights Reserved. Introduction The need to improve the quality and accessibility
More informationAutomating VPN Management
Automating VPN Management By Scott Hilton, Vice President Product Management Assured Digital, Inc. Although many network managers, users and executives agree on the benefits of virtual private networking,
More informationThe SafeNet Security System Version 3 Overview
The SafeNet Security System Version 3 Overview Version 3 Overview Abstract This document provides a description of Information Resource Engineering s SafeNet version 3 products. SafeNet version 3 products
More informationIEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT
IEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT Hüseyin ÇOTUK Information Technologies hcotuk@etu.edu.tr Ahmet ÖMERCİOĞLU Information Technologies omercioglu@etu.edu.tr Nurettin ERGİNÖZ Master Student
More informationSecurity Fundamentals for your Privileged Account Security Deployment
Security Fundamentals for your Privileged Account Security Deployment February 2016 Copyright 1999-2016 CyberArk Software Ltd. All rights reserved. CAVSEC-PASSF-0216 Compromising privileged accounts is
More informationIntroduction to iscsi
Introduction to iscsi As Ethernet begins to enter into the Storage world a new protocol has been getting a lot of attention. The Internet Small Computer Systems Interface or iscsi, is an end-to-end protocol
More informationOpengear Application Note
) 42 41 40 39 FO U N D Y FastIron Workgroup X448 N E T WO R K S C o n s o le 38 4 9 L in k 5 0 1 3 5 7 9 1 1 1 3 1 5 1 7 1 9 2 1 2 3 2 5 2 7 2 9 3 1 3 3 3 5 P o w e r 4 5 F 4 6 F 4 7 F 4 8 F 37 2 4 6 8
More informationNetwork+ Guide to Networks 6 th Edition
Network+ Guide to Networks 6 th Edition Chapter 10 Virtual Networks and Remote Access Objectives 1. Explain virtualization and identify characteristics of virtual network components 2. Create and configure
More informationNever Drop a Call With TecInfo SIP Proxy White Paper
Innovative Solutions. Trusted Performance. Intelligently Engineered. Never Drop a Call With TecInfo SIP Proxy White Paper TecInfo SD-WAN product - PowerLink - enables real time traffic like VoIP, video
More informationAccessing CharityMaster data from another location
Accessing CharityMaster data from another location When all of your computers are on the same Local Area Network (LAN), you can place the back end files (including your data and the Word templates) onto
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationChapter Topics Part 1. Network Definitions. Behind the Scenes: Networking and Security
Chapter Topics Part 1 Behind the Scenes: Networking and Security CS10001 Computer Literacy Business Networks Network Advantages Client/Server Networks Network Classifications Servers Toplogies Chapter
More informationIBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights
IBM Secure Proxy Advanced edge security for your multienterprise data exchanges Highlights Enables trusted businessto-business transactions and data exchange Protects your brand reputation by reducing
More informationOut-of-Band Management for Windows Server 2003
Out-of-Band Management for Windows Server 2003 White Paper Abstract This paper provides information about out-of-band management for the Microsoft Windows Server 2003 family of operating systems. It describes
More informationHow Parallels RAS Enhances Microsoft RDS. White Paper Parallels Remote Application Server
How Parallels RAS Enhances Microsoft RDS White Paper Parallels Remote Application Server Table of Contents Introduction... 3 Overview of Microsoft Remote Desktop Services... 3 Microsoft RDS Pain Points...
More informationNetwork Performance, Security and Reliability Assessment
Network Performance, Security and Reliability Assessment Presented to: CLIENT NAME OMITTED Drafted by: Verteks Consulting, Inc. 2102 SW 20 th Place, Suite 602 Ocala, Fl 34474 352-401-0909 ASSESSMENT SCORECARD
More informationCyberP3i Course Module Series
CyberP3i Course Module Series Spring 2017 Designer: Dr. Lixin Wang, Associate Professor Firewall Configuration Firewall Configuration Learning Objectives 1. Be familiar with firewalls and types of firewalls
More informationWHITEPAPER. Security overview. podio.com
WHITEPAPER Security overview Podio security White Paper 2 Podio, a cloud service brought to you by Citrix, provides a secure collaborative work platform for team and project management. Podio features
More informationDelivering. Effective Element Management Networks
Delivering Effective Element Management RELIABLE for Networks Reducing Costs While Improving NETWORK PERFORMANCE is the PROBLEM NODE D NODE D NODE E Central Office B Central Office A NODE D Central Office
More informationREMOTE ACCESS AND CONTROL SOLUTIONS
REMOTE ACCESS AND CONTROL SOLUTIONS What is a KVM switch? KVM switches enable users to access and control multiple computer devices from a single keyboard, video and mouse (KVM) console. This includes
More informationConcord Fax Network Architecture. White Paper
Concord Fax Network Architecture White Paper Page 2 Table of Contents Introduction 3 The 99.99% Uptime Fax Network 4 Reliability and High Availability 5 Security 9 Delivery 14 Network Monitoring 19 About
More informationThree Pillars of Effective Disaster Recovery
WHITE PAPER Three Pillars of Effective Disaster Recovery 1 WHITE PAPER Three Pillars of Effective Disaster Recovery: DRaaS + Networking + Managed Hosting Disaster Recovery is following the paths of other
More informationW H I T E P A P E R : O P E N. V P N C L O U D. Implementing A Secure OpenVPN Cloud
W H I T E P A P E R : O P E N. V P N C L O U D Implementing A Secure OpenVPN Cloud Platform White Paper: OpenVPN Cloud Platform Implementing OpenVPN Cloud Platform Content Introduction... 3 The Problems...
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More informationCommandCenter Secure Gateway
CommandCenter Secure Gateway Version 4.1.0 Question What is CommandCenter Secure Gateway (CC-SG)? What are the different CC-SG hardware options supported? CommandCenter Secure Gateway (CC-SG) is a management
More informationReady Theatre Systems RTS POS
Ready Theatre Systems RTS POS PCI PA-DSS Implementation Guide Revision: 2.0 September, 2010 Ready Theatre Systems, LLC - www.rts-solutions.com Table of Contents: Introduction to PCI PA DSS Compliance 2
More informationiscsi Technology: A Convergence of Networking and Storage
HP Industry Standard Servers April 2003 iscsi Technology: A Convergence of Networking and Storage technology brief TC030402TB Table of Contents Abstract... 2 Introduction... 2 The Changing Storage Environment...
More informationCisco Network Admission Control (NAC) Solution
Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,
More informationBlackBerry Mobile Voice System
BlackBerry Mobile Voice System BlackBerry Mobile Voice System Mobile Unified Communications Mobile Voice System ( MVS) is designed to unify desk phone features on smartphones and Wi-Fi networks to optimize
More informationNIST Revision 2: Guide to Industrial Control Systems (ICS) Security
NIST 800-82 Revision 2: Guide to Industrial Control Systems (ICS) Security How CyberArk can help meet the unique security requirements of Industrial Control Systems Table of Contents Executive Summary
More informationSOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE
SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE March 2018 Table of Contents Introduction...1 Design...2 Use Cases...2 Underlay...3 Overlay...3 Dynamic Segmentation...3 Non-Stop Networking...4 Summary...5
More informationWhite paper: Agentless Backup is Not a Myth. Agentless Backup is Not a Myth
White paper: less Backup is Not a Myth less Backup is Not a Myth White paper: less Backup is Not a Myth Executive Summary Backup and recovery software typically requires agents that are installed onto
More informationUnderstanding VLANs. Existing Shared LAN Configurations CHAPTER
CHAPTER 1 Understanding VLANs This chapter provides an introduction to VLANs and switched internetworking, compares traditional shared LAN configurations with switched LAN configurations, and discusses
More informationInnovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief
Innovative. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Technology Brief Comparison of SD WAN SD-WAN Overview By the end of 2019, 30% of enterprises will use SD-WAN products in
More informationDeltaV Remote Client. Introduction. Remote engineering and operator consoles. View Multiple DeltaV Systems from a single workstation
DeltaV Distributed Control System Product Data Sheet July 2018 DeltaV Remote Client Remote Client Remote Client Firewall Emerson Smart Firewall L2.5 Network Remote Desktop Server (Professional Plus or
More informationOracle Mission Critical Support Platform. General. Installation. Troubleshooting. Inventory and Discovery. Frequently Asked Questions Release 2.
Oracle Mission Critical Support Platform Frequently Asked Questions Release 2.3 E23199-01 May 2011 General What is Oracle Mission Critical Support Platform? Is Oracle Mission Critical Support Platform
More informationCloud FastPath: Highly Secure Data Transfer
Cloud FastPath: Highly Secure Data Transfer Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. Tervela has been creating high performance
More informationDeltaV Remote Client. Introduction. Remote engineering and operator consoles. View Multiple DeltaV Systems from a single workstation
DeltaV Distributed Control System Product Data Sheet December 2017 DeltaV Remote Client Remote Client Remote Client Firewall Emerson Smart Firewall L2.5 Network Remote Desktop Server (Professional Plus
More informationImproving Business Continuity for the
Improving Business Continuity for the Remote Office EXECUTIVE SUMMARY Remote System availability is critical to maintaining business continuity. Network outages and related disruptions in services account
More informationGuardian PRODUCT BRIEF. Introduction. ... a suite of OAM&P NetApps
PRODUCT BRIEF Guardian... a suite of OAM&P NetApps NetKit Solutions NetApps, include a range of OAM&P application solutions to enhance the effectiveness of the SmartNet ACP platforms in Operational Support
More informationTable of Contents. Page 1 of 6 (Last updated 27 April 2017)
Table of Contents What is Connect?... 2 Physical Access Controls... 2 User Access Controls... 3 Systems Architecture... 4 Application Development... 5 Business Continuity Management... 5 Other Operational
More informationSafeguarding Cardholder Account Data
Safeguarding Cardholder Account Data Attachmate Safeguarding Cardholder Account Data CONTENTS The Twelve PCI Requirements... 1 How Reflection Handles Your Host-Centric Security Issues... 2 The Reflection
More informationGoToMyPC Corporate Product Guide
GoToMyPC Corporate Product Guide 072402 Contents Product Overview...1 How It Works...1 Target Audiences/Product Uses...2 Primary Selling Points...3 Software Features and Benefits...4 Administration Center
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-541 Title : VPN and Security Cisco SAFE Implementation Exam (CSI) Vendors : Cisco
More informationHIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
More informationApplication Note 3Com VCX Connect with SIP Trunking - Configuration Guide
Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide 28 May 2009 3Com VCX Connect Solution SIP Trunking Table of Contents 1 3COM VCX CONNECT AND INGATE... 1 1.1 SIP TRUNKING SUPPORT...
More informationHardware and Software Requirements
Hardware and Software Requirements WideOrbit s WO Media Sales is a full client-server based sales system. Users run a thick client on a Windows 10*, Windows 8 or Windows 7, which connects directly to a
More informationInformation System Security. Nguyen Ho Minh Duc, M.Sc
Information System Security Nguyen Ho Minh Duc, M.Sc Contact 2 Nguyen Ho Minh Duc Phone: 0935 662211 E-mail: duc.nhm@gmail.com Web:http://nhmduc.wordpress.com 3 Lecture 01 INTRODUCTION Topics 4 What information
More informationImplementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
Question Number (ID) : 1 (jaamsp_mngnwi-088) You are the administrator for medium-sized network with many users who connect remotely. You have configured a server running Microsoft Windows Server 2003,
More informationISSP Network Security Plan
ISSP-000 - Network Security Plan 1 CONTENTS 2 INTRODUCTION (Purpose and Intent)... 1 3 SCOPE... 2 4 STANDARD PROVISIONS... 2 5 STATEMENT OF PROCEDURES... 3 5.1 Network Control... 3 5.2 DHCP Services...
More informationThe Balabit s Privileged Session Management 5 F5 Azure Reference Guide
The Balabit s Privileged Session Management 5 F5 Azure Reference Guide March 12, 2018 Abstract Administrator Guide for Balabit s Privileged Session Management (PSM) Copyright 1996-2018 Balabit, a One Identity
More informationDelivering Windows-based Client-Server Applications Anywhere, On Demand with Presentation Server 4.5
Delivering Windows-based Client-Server Applications Anywhere, On Demand with Presentation Server 4.5 Conrad Lee Enterprise Sales Engineer Hong Kong & Taiwan Delivering Windows Applications (IT Infrastructure
More informationSentinet for Microsoft Azure SENTINET
Sentinet for Microsoft Azure SENTINET Sentinet for Microsoft Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Cloud Deployment Model... 3 Hybrid Deployment Model...
More informationMetasys System Extended Architecture
Product Bulletin Issue Date March 31, 2003 Metasys System Extended Architecture The architecture of the Metasys building automation and facilities management system has been extended to be fully compatible
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials
A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e Chapter 8 Networking Essentials Objectives Learn about the protocols and standards Windows uses for networking Learn how to connect
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 6 Release 1 System i Security Digital Certificate Manager Version 6 Release 1 Note Before using this information and the product it supports, be sure
More informationJaringan Komputer (CCNA-1)
Jaringan Komputer (CCNA-1) #2 Configuring a Network Operating System Susmini I. Lestariningati, M.T Introduction (1) Home networks typically interconnect a wide variety of end devices including PCs, laptops,
More informationSecurity and PCI Compliance for Retail Point-of-Sale Systems
Security and PCI Compliance for Retail Point-of-Sale Systems In the retail business, certain security issues can impact customer confidence and the bottom line regulatory penalties, breaches, and unscheduled
More informationIT your way - Hybrid IT FAQs
Hybrid IT IT your way - Hybrid IT FAQs Create a strategy that integrates in-house and outsourced IT services to meet ever-changing business requirements. Combine on-premise and off premise solutions Mix
More informationON-LINE EXPERT SUPPORT THROUGH VPN ACCESS
ON-LINE EXPERT SUPPORT THROUGH VPN ACCESS P. Fidry, V. Rakotomanana, C. Ausanneau Pierre.fidry@alcatel-lucent.fr Alcatel-Lucent, Centre de Villarceaux, 91620, Nozay, France Abstract: As a consequence of
More informationTACACS Device Access Control with Cisco Active Network Abstraction
TACACS Device Access Control with Cisco Active Network Abstraction Executive Summary Cisco Active Network Abstraction (ANA) is an extensible and scalable product suite that resides between the network
More informationRethink Remote Access
Rethink Remote Access Since 1986, the NCP engineering development team has continuously pushed to rethink how to allow enterprises to overcome the complexities of creating, managing and maintaining remote
More informationRSA SecurID Implementation
Partner Information Partner Name Website Product Name Barracuda Networks Version & Platform x60 Series Product Description Product Category Solution Summary www.barracudanetworks.com Product Information
More informationUtilizing Cloud Storage for Mainframes
Utilizing Cloud Storage for Mainframes Art Tolsma Luminex Software, Inc. March 13, 2014 Session #14847 1 Why Cloud Storage? Cloud Storage and Cloud Computing are changing how IT operates outside of the
More informationControl-M and Payment Card Industry Data Security Standard (PCI DSS)
Control-M and Payment Card Industry Data Security Standard (PCI DSS) White paper PAGE 1 OF 16 Copyright BMC Software, Inc. 2016 Contents Introduction...3 The Need...3 PCI DSS Related to Control-M...4 Control-M
More informationNetPro. from Wireless Logic. Available on a per SIM license basis. No CAPEX. Retain your Airtime Contracts with your existing providers
NetPro from Available on a per SIM license basis Real-time usage monitoring of Data SIMs Retain your Airtime Contracts with your existing providers No CAPEX Secure and resilient connectivity via VPN Be
More informationproduct overview CRASH
product overview CRASH e back up everyone, everywhere PROe Software Continuous backup for business Use CrashPlan PROe for continuous, cross-platform backup that works everywhere, enabling users to easily
More informationSECURE, FLEXIBLE ON-PREMISE STORAGE WITH EMC SYNCPLICITY AND EMC ISILON
White Paper SECURE, FLEXIBLE ON-PREMISE STORAGE WITH EMC SYNCPLICITY AND EMC ISILON Abstract This white paper explains the benefits to the extended enterprise of the on-premise, online file sharing storage
More informationMicrosoft DirectAccess
Microsoft DirectAccess The New Choice of Enterprises Over Traditional VPN Whitepaper August 2017 Microsoft DirectAccess The New Choice of Enterprises Over Traditional VPN Microsoft DirectAccess is a unique
More informationMPLS in the DCN. Introduction CHAPTER
CHAPTER 5 First Published: January 3, 2008 Last Updated: January 3, 2008 Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images Use Cisco Feature Navigator to find information
More informationVMware Mirage Getting Started Guide
Mirage 5.8 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,
More informationVirtualizing Open Text Fax Server with Realtime Fax over IP and Open Text Fax Gateway
Virtualizing Open Text Fax Server with Realtime Fax over IP and Open Text Fax Gateway Abstract Computer virtualization is a revolutionary concept that provides organizations with a powerful, simple, and
More informationEnabling Branch Office Consolidation
WHITE PAPER Enabling Branch Office Consolidation A Riverbed Technology White Paper Executive Summary The first wave of IT consolidation moved services out of the remote office and into the data center
More informationA Ready Business rises above infrastructure limitations. Vodacom Power to you
A Ready Business rises above infrastructure limitations Vodacom Power to you Vodacom Business Nigeria Managed Hosted Services Get Ready to free up your business. To succeed in today s world of dramatic
More informationEnterasys. Design Guide. Network Access Control P/N
Enterasys Network Access Control Design Guide P/N 9034385 Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationDS Series & AutoView 1000R/2000R. Setting New Standards in IP Access and Control
DS Series & AutoView 1000R/2000R Setting New Standards in IP Access and Control DSR DS1800 CPS SPC AUTOVIEW 1000R/2000R S E E H O W A V O C E N T I S C H A N G I N G KVM s witching B A S I C K V M K V
More informationWhy KVM over IP? Leading the World in KVM Innovations
Why KVM over IP? In addition to the unlimited distances offered by a networked solution, utilizing over IP technology for video, audio, and control data distribution and extension offers boundless flexibility
More informationInsurance Industry - PCI DSS
Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services. Vanguard is the industry leader in z/os Mainframe Software to ensure enterprise compliance with the
More informationVMware Mirage Getting Started Guide
Mirage 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,
More informationRethinking VDI: The Role of Client-Hosted Virtual Desktops. White Paper Virtual Computer, Inc. All Rights Reserved.
Rethinking VDI: The Role of Client-Hosted Virtual Desktops White Paper 2011 Virtual Computer, Inc. All Rights Reserved. www.virtualcomputer.com The Evolving Corporate Desktop Personal computers are now
More informationInformation Technology Policy Board Members. SUBJECT: Update to County WAN/LAN Wireless Standards
COUNTY OF SACRAMENTO Inter-Departmental Correspondence December 6, 2007 TO: FROM: Information Technology Policy Board Members Jeff Leveroni, Chair Technology Review Group SUBJECT: Update to County WAN/LAN
More informationIntroduction. H.323 Basics CHAPTER
CHAPTER 1 Last revised on: October 30, 2009 This chapter provides an overview of the standard and the video infrastructure components used to build an videoconferencing network. It describes the basics
More information