Table of Contents
Advertisement
Placing AdderLink IP alongside the firewall
AdderLink IP is built from the ground-up to be secure. It employs a sophisticated
128bit public/private key system that has been rigorously analysed and found
to be highly secure (a security white paper is available upon request from Adder
Technology Ltd). Therefore, you can position the AdderLink IP alongside the
firewall and control hosts that are also IP connected within the local network.
IMPORTANT: If you make the AdderLink IP accessible from the public Internet
or from a modem, care should be taken to ensure that the maximum security
available is activated. You are strongly advised to enable encryption and use
strong password. Security may be further improved by restricting client IP
addresses, using a non-standard port number for access or limiting remote
access to dial up connections only.
Ensuring sufficient security
The security capabilities offered by the AdderLink IP are only truly effective when
they are correctly used. An open or weak password or unencrypted link can
cause security loopholes and opportunities for potential intruders. For network
links in general and direct Internet connections in particular, you should carefully
consider and implement the following:
• Ensure that encryption is enabled.
local configuration
remote
By
or by
• Ensure that you have selected secure passwords with at least 8 characters
and a mixture of upper and lower case and numeric characters.
By
remote
configuration.
• Reserve the admin password for administration use only and use a non-
admin user profile for day-to-day access.
• Use the latest Secure VNC viewer (this has more in-built security than is
available with the Java viewer). To
• Use non-standard
port
numbers.
• Restrict the range of IP addresses that are allowed to access the AdderLink IP
to only those that you will need to use. To
• Do NOT Force VNC protocol 3.3.
• Add a further level of inherent security by restricting access only via modem
or ISDN dialup.
• Ensure that the computer accessing the AdderLink is clean of viruses and
spyware and has up-to-date firewall and anti-virus software loaded that is
appropriately configured.
• Avoid accessing the AdderLink from public computers.
configuration.
download the
viewer.
restrict IP
access.
Remote
configuration.
Security can be further improved by using the following suggestions:
• Use a KVM switch with On-Screen-Display driven security access and an
auto-logout (after inactivity) feature to provide a second level of security. KVM
switches such as the AdderView Matrix or SmartView XPro are recommended.
• Place the AdderLink IP behind a firewall and use port the numbers to route
the VNC network traffic to an internal IP address.
• Review the activity log from time to time to check for unauthorized use.
• Lock your server consoles after they have been used.
A security white paper that gives further details is available upon request from
Adder Technology Limited.
Ports
In this configuration there should be no constraints on the port numbers
because the AdderLink IP will probably be the only device at that IP address.
Therefore, maintain the HTTP port as 80 and the VNC port as 5900.
Addressing
When the AdderLink IP is situated alongside the firewall, it will require a public
static IP address (i.e. one provided by your Internet service provider).
More addressing information:
Discover DHCP-allocated addresses
DNS addressing
19
Advertisement
Table of Contents
