Table of Contents
Advertisement
Operation
Secure Access Modem Authentication Option
When factory-optioned as a Secure Access Modem, the SC Dual V.34 modem can function as a
Secure Access Modem (SAM) in a Secure Access Controller (SAC) system. The Secure Access
Controller (SAC) system consists of an SAC Administration Server, SAC Database, a SAC
Authentication Server, Client desktop software, and a Secure Access Modem. These components
authenticate remote users attempting to access protected network equipment, such as switches,
routers, multiplexers, etc.
The Authentication Server generates the private key exchanged by the modem and server, and the
public key exchanged by the modem and remote user's client software. Each connection sets up a
secure tunnel that passes AES-encrypted data to the authorized user. When a user terminates a
management session, the Secure Access Modem requests a connection to the Authentication Server
to obtain another new private key, thus preventing further access from the previous remote user or
intruders.
The Secure Access Modem is user-configured via extended AT commands typed at one of its
management interfaces (Telnet via the SCM, the SCM craft port, or a terminal connected to the
modemís DTE connector). SC Dual V.34 Dial Only modems purchased from the factory with the
SAM option are already capable of secure access controller authentication. For modems already
installed in a customer's network, contact your GDC service representative to arrange for an
upgrade. To configure a modem for SAM authentication, the following conditions must be met:
•
Modem must be enabled from the factory for SAM authentication.
•
There must be a V.42 link.
•
There must be a SAM ID, SAM PIN and at least one authentication server (with its phone
number) defined in the modem.
Note
For information on defining the SAM ID, acquiring a SAM PIN, setting up SAC servers and configuring
other parameters of a SAC system, consult your SAC Server software documentation, or contact your
GDC representative.
SAM Configuration Procedures
1. Access the modem AT command set from the desired management interface (the modem rear
panel terminal port, the SCM craft port, or via a Telnet connection to the SCM). If using the
SCM, ensure that Switch S1-4 on the SCM card is set to the open position. This is the factory
default which allows the terminal to function with the SCM card.
2. Configure the SAM ID by typing:
AT%X0=nnn
where nnn is the unique name for a particular SAM (from 6 to 32 alphanumeric characters).
3. Configure the SAM PIN by typing:
AT%X1=nnn
where nnn is the least significant 32 hexadecimal characters in the 64-character string you
acquired from the SAC server. The same value is used for all SAMs in your SAC system.
Note
The SAM ID and SAM PIN values entered in the modem must match the values in the SAC system.
The modem will promote lowercase alphabetic characters to uppercase.
3-16
SpectraComm Dual V.34 Modem
Installation and Operation
Security Overview
060R122-000
Issue 15
Advertisement
Table of Contents
