SECURITY FOR GAC2500 SERVICES
Provisioning via Configuration File
GAC2500 supports downloading configuration file via HTTP/HTTPS/TFTP. Below figure shows the options
for config file provisioning.
We recommend users to consider the following options for added security when deploying the GAC2500
with provisioning.
Config Upgrade Via: HTTPS:
-
By default, HTTPS is selected. This is recommended so the traffic is encrypted while travelling through
the network.
HTTP/HTTPS User Name and Password:
-
This can be set up as required on the provisioning server when HTTP/HTTPS is used. Only when the
GAC2500 has the correct username and password configured, it can be authenticated by the
provisioning server and the config file can be downloaded.
Authenticate Config file:
-
This sets the GAC2500 to authenticate configuration file before applying it. When set to "Yes", the
configuration file must include P value P1 with GAC2500's administration password. If it is missed or
does not match the password, the GAC2500 will not apply the config file.
Figure 16: GAC2500 Config File Provisioning
GAC2500 Security Guide
P a g e
|
15