Security & Access Features; Secure Shell (SSH) Protocol; ACL Security; Port Pooling - General DataComm SC-ADT 8 Port Installation & Operation Manual

Introduction & Specifications
Security & Access Features

Secure Shell (SSH) Protocol

SC-ADT supports the Secure Shell (SSH) network protocol that allows data to be exchanged
between the SC-ADT and a remote user using a secure channel. The encryption used by SSH
provides confidentiality and integrity of data over an insecure network, such as the Internet. With
SSH enabled at the SC-ADT and the SSH client software available at the remote Windows
workstation, the remote user can create encrypted connections to the SC-ADT and its attached
devices.

ACL Security

SC-ADT provides a Port Access Control List (ACL) feature that adds security to terminal
server ports by restricting Telnet access by IP address. When configured with ACL, the SC-ADT
permits only hosts whose IP addresses are defined in the ACL to access the terminal server ports.
Up to 16 ACLs may be defined, and each async port (port1 - port16) may be assigned to any ACL:
ACL[1] - ACL[16] or none. ACL features and benefits are as follows:

- Up to 200 IP addresses may be configured in the ACL. While the same IP address may be added
  to more than one ACL, each entry will count towards the maximum number of ACL IP
  addresses.
- Status messages, such as Connecting, Connect, Port in use, Override port,
  etc., indicate activity at the port and can be globally enabled/disabled for all ports.
- When ACL is enabled, the connect term-port command is automatically disabled.
  In addition, the Telnet menu (via TCP port 23) will be displayed, but only Telnet clients whose
  IP address passes the ACL check will be allowed to connect to a port.
- Global enable/disable commands allow the user to override a busy terminal server port and
  control the logging of connect/disconnect messages.

Default configuration values for ACL are:

- ACL is Disabled.
- ACL Violation logging is Disabled.
- ACL traps are Disabled.

Note: For more information on the SSH or Access Control List (ACL) security features, refer to
Chapter 5, Additional Features.

Port Pooling

Every four consecutive ports may be grouped into a port pool, e.g., port1 through port4 comprise
pool1, port5 through port8 comprise pool2, etc. These port pools are mapped to TCP ports as
follows: TCP port 2041 maps to pool1, TCP port 2042 maps to pool2, etc. Valid Telnet connections
to TCP ports 2041 through 2048 will automatically be recognized as pool ports and will roll the
connection over to the next available port within the associated pool. For devices with multiple craft
ports, port pooling can be used to give multiple Telnet applications access to the same device.

Note: For more information on the Port Pooling feature, refer to Chapter 3 under the section on
Port Pooling.

Pooled Ports and ACL

- With async ports grouped in pools, each port in a pool can be assigned to the same ACL.
- If a Telnet connection does not pass the ACL check, the connection will be refused.
  A time-stamped message is sent to the ACL violation log.
- When a Telnet connection passes the ACL check, the connection automatically rolls over to the
  next available port in the pool. If the connection passes the ACL check but all ports in the pool
  are busy, the connection is accepted and instantly closed. The event is sent to the Sysmsg log.
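
The pool mapping and ACL outcomes above can be written down as a small decision model, useful for deriving expected results when testing a configuration. This is an added example, not code from the manual or the SC-ADT itself; the function names, the data structures, the one-ACL-per-pool layout and the lowest-numbered-free-port rollover order are assumptions.

```python
# Model of the pooled-port and ACL behaviour described above.
# Not device firmware: all names and data structures here are hypothetical.

POOL_BASE_TCP = 2041   # TCP 2041 -> pool1, 2042 -> pool2, ... up to 2048
PORTS_PER_POOL = 4     # every four consecutive async ports form one pool


def total_acl_entries(acls):
    """Count every entry in every ACL; an IP listed in two ACLs counts twice."""
    return sum(len(ips) for ips in acls.values())


def pool_ports(tcp_port):
    """Return the async port numbers behind a pool TCP port (2041..2048)."""
    if not 2041 <= tcp_port <= 2048:
        raise ValueError("not a pool TCP port")
    first = (tcp_port - POOL_BASE_TCP) * PORTS_PER_POOL + 1
    return list(range(first, first + PORTS_PER_POOL))


def handle_telnet(src_ip, tcp_port, acls, pool_acl, busy):
    """Decide the outcome of a Telnet connection to a pool TCP port.

    acls:     {ACL number: set of permitted IP strings}
    pool_acl: {pool TCP port: ACL number, or None for no ACL}
              (assumption: every port in a pool shares one ACL)
    busy:     set of async port numbers currently in use
    Returns (outcome, log written to, async port or None).
    """
    acl = pool_acl.get(tcp_port)
    if acl is not None and src_ip not in acls[acl]:
        return ("refused", "ACL violation log", None)
    for port in pool_ports(tcp_port):  # assumed order: lowest free port first
        if port not in busy:
            return ("connected", None, port)
    # Passed the ACL check, but every port in the pool is in use.
    return ("accepted-then-closed", "Sysmsg log", None)


# Constructed sample configuration (documentation-range addresses).
ACLS = {1: {"192.0.2.10", "192.0.2.11"}, 2: {"192.0.2.10"}}
POOL_ACL = {2041: 1, 2042: 2}
```

Comparing `total_acl_entries(ACLS)` against the 200-address maximum shows how much ACL capacity a planned configuration uses, since 192.0.2.10 is counted once for each ACL that lists it.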

SpectraComm ADT Installation and Operation Manual, 076R172-000, Issue 6

This manual is also suitable for:

SC-ADT 16 Port, SC-ADT 32 Port
