Security; Overview; Authentication; Management Security - Redline RDL-3000 SC User Manual

RDL-3000 family broadband wireless radio platforms

RDL-3000 FAMILY

6 Security

6.1 Overview

The Redline RDL-3000 provides a high level of security and reliability. Security features
include wireless authentication using X.509 certificates and wireless encryption using
AES. AES encryption is optional: it may be purchased separately and is enabled by
loading an AES-enabled options key.

Authentication

The RDL-3000 supports the following authentication features:
- X.509 certificates for authentication
- Challenge-response mechanism during the link setup

Management Security

The RDL-3000 includes the following security mechanisms for device management:
- TLS 1.0 for HTTPS for secure Web access
- SSH v2 for secure command line operation
- SNMP v3 with AES support

Data Security

The RDL-3000 includes security mechanisms that provide sender authentication,
security, and integrity for data sent over the wireless interface. These features include:
- Wireless speed encryption for data traffic
- Messages encrypted and validated using AES in CCM mode (Counter with Cipher Block
  Chaining-Message Authentication Code)
- Separate keys for data traffic and key transport:
  - Diffie-Hellman for key setup
  - AES Wrap algorithm for key transport
- Keys are changed at random intervals

The AES (Advanced Encryption Standard) option uses an encryption standard that is used
worldwide to protect sensitive information. The AES cryptographic cipher uses a block
length of 128 bits and key lengths of 128, 192 or 256 bits. In the United States, AES is a
Federal Information Processing Standard (FIPS): FIPS Publication 197 describes
cryptographic algorithms for use by U.S. Government organizations to protect sensitive
information. The AES block cipher has been ratified as a standard by the National Institute
of Standards and Technology (NIST) of the United States.
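
The key hierarchy listed above (Diffie-Hellman key setup, AES Wrap for key transport, AES-CCM for data traffic) can be sketched as follows. This is an added illustration, not code from the manual or from Redline: it assumes the Python `cryptography` package, X25519 as a stand-in Diffie-Hellman group, HKDF-SHA256 as the key derivation, RFC 3394 as the AES Wrap algorithm and a frame counter as the CCM nonce, and all function names are hypothetical.

```python
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey
from cryptography.hazmat.primitives.ciphers.aead import AESCCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.keywrap import (
    InvalidUnwrap, aes_key_unwrap, aes_key_wrap)

def derive_kek(own_private, peer_public):
    """Key setup: Diffie-Hellman shared secret -> 128-bit key-encryption key (KEK)."""
    shared = own_private.exchange(peer_public)
    # Assumption: HKDF-SHA256 with a demo label; the manual names no KDF.
    return HKDF(algorithm=hashes.SHA256(), length=16, salt=None,
                info=b"demo key transport").derive(shared)

def send_traffic_key(kek):
    """Key transport: make a fresh traffic key and wrap it under the KEK."""
    traffic_key = AESCCM.generate_key(bit_length=128)
    return traffic_key, aes_key_wrap(kek, traffic_key)

def receive_traffic_key(kek, wrapped):
    """Unwrap the traffic key; None if the blob was altered or the KEK differs."""
    try:
        return aes_key_unwrap(kek, wrapped)
    except InvalidUnwrap:
        return None

def protect(traffic_key, counter, header, payload):
    """AES-CCM: encrypt the payload and authenticate header + payload."""
    # The nonce must never repeat under one traffic key; a rekey resets the counter.
    nonce = counter.to_bytes(13, "big")
    return AESCCM(traffic_key).encrypt(nonce, payload, header)

def accept(traffic_key, counter, header, frame):
    """Return the plaintext, or None when the CCM tag does not verify."""
    try:
        return AESCCM(traffic_key).decrypt(counter.to_bytes(13, "big"), frame, header)
    except InvalidTag:
        return None

if __name__ == "__main__":
    # Constructed demo: two link ends, one wrapped key, one good and one altered frame.
    a, b = X25519PrivateKey.generate(), X25519PrivateKey.generate()
    key, blob = send_traffic_key(derive_kek(a, b.public_key()))
    peer_key = receive_traffic_key(derive_kek(b, a.public_key()), blob)
    frame = protect(key, 1, b"hdr", b"telemetry")
    altered = frame[:-1] + bytes([frame[-1] ^ 1])
    print(accept(peer_key, 1, b"hdr", frame), accept(peer_key, 1, b"hdr", altered))
```

The KEK only ever encrypts traffic keys and the traffic key only ever encrypts frames, so replacing the traffic key does not require a new Diffie-Hellman exchange.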

Physical Security

The Redline RDL-3000 is enclosed in a weatherproof aluminum alloy case. The
module's enclosure is sealed using tamper-proof labels. The security of the RDL-3000
system is further increased by the following factors:
- Stream cipher cannot be reverse-engineered -- even by destroying the equipment
- Key generation algorithm cannot be reverse-engineered -- even by destroying the
  equipment
- MAC address of a system cannot be changed without damaging the equipment
- Two communicating RDL-3000 systems detecting they have the same MAC address
  will immediately shut down

70-00158-01-08, USER MANUAL, Proprietary Redline Communications © 2011, Page 135 of 150, December 7, 2011
