Secure Management - Nomadix AG 5500 User Manual

Secure Management

There are many different ways to configure, manage and monitor the performance and up-time
of network devices. SNMP, Telnet, HTTP and ICMP are all common protocols for accomplishing
network management objectives, and among those objectives is the requirement to provide the
highest level of security possible.
While several network protocols have evolved that offer some level of security and data
encryption, the preferred method for attaining maximum security across all network devices is
to establish an IPSec tunnel between the NOC (Network Operations Center) and the edge
device (early VPN protocols such as PPTP have been widely discredited as a secure tunneling
method).
As part of Nomadix' commitment to provide outstanding carrier-class network management
capabilities to its family of public access gateways, we offer secure management through the
NSE's standards-driven, peer-to-peer IPSec tunneling with strong data encryption.
Establishing the IPSec tunnel not only allows for the secure management of the Nomadix
gateway using any preferred management protocol, but also the secure management of third
party devices (for example, WLAN Access Points and 802.3 switches) on private subnets on
the subscriber side of the Nomadix gateway. See also, "Enabling Secure Management {VPN
Tunnel}" on page 148.
Two subsequent events drive the secure management function of the Nomadix gateway and the
devices behind it:
1. Establishing an IPSec tunnel to a centralized IPSec termination server (for example,
   Nortel Contivity). As part of the session establishment process, key tunnel parameters are
   exchanged (for example, Hash Algorithm, Security Association Lifetimes, etc.).
2. The exchange of management traffic, either originating at the NOC or from the edge
   device through the IPSec tunnel. Alternatively, AAA data such as RADIUS
   Authentication and Accounting traffic can be sent through the IPSec tunnel. See also,
   "RADIUS-driven Auto Configuration" on page 15.
The advantage of using IPSec is that all types of management traffic are supported, including
the following typical examples:
• ICMP - PING from NOC to edge devices
• Telnet - Telnet from NOC to edge devices
• Web Management - HTTP access from NOC to edge devices
• SNMP
    • SNMP GET from NOC to subscriber-side device (for example, AP)
    • SNMP SET from NOC to subscriber-side device (for example, AP)
    • SNMP Trap from subscriber-side device (for example, AP) to NOC
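An added example, not taken from the Nomadix manual: a check over WAN-side flow records that flags the management traffic types listed above when they appear outside the IPSec tunnel. The addresses, the flow-record layout and the function names are assumptions made for this example, and the tunnel is assumed to appear on the WAN as ESP plus IKE on UDP 500/4500 between the gateway and the termination server.

```python
import ipaddress

# Assumed addressing (documentation ranges, constructed for this example).
NOC_NET = ipaddress.ip_network("192.0.2.0/24")
TUNNEL_PEER = ipaddress.ip_address("192.0.2.1")      # IPSec termination server
GATEWAY_WAN = ipaddress.ip_address("198.51.100.10")  # edge gateway, WAN side

# Management traffic types named in the section, keyed by (protocol, dest port).
MGMT = {("icmp", None): "ICMP", ("tcp", 23): "Telnet", ("tcp", 80): "HTTP",
        ("udp", 161): "SNMP", ("udp", 162): "SNMP Trap"}

def classify(flow):
    """Return 'tunnel', 'cleartext:<type>' or 'other' for one WAN-side flow."""
    src = ipaddress.ip_address(flow["src"])
    dst = ipaddress.ip_address(flow["dst"])
    proto, port = flow["proto"], flow.get("dport")
    ends = {src, dst}
    # ESP, or IKE / NAT-T on UDP 500 / 4500, between the two tunnel endpoints.
    if ends == {GATEWAY_WAN, TUNNEL_PEER} and (
            proto == "esp" or (proto == "udp" and port in (500, 4500))):
        return "tunnel"
    label = MGMT.get((proto, None if proto == "icmp" else port))
    noc_side = src in NOC_NET or dst in NOC_NET
    if label and noc_side and GATEWAY_WAN in ends:
        return "cleartext:" + label
    return "other"

def audit(flows):
    """List (flow, type) for management traffic seen outside the tunnel."""
    hits = []
    for flow in flows:
        verdict = classify(flow)
        if verdict.startswith("cleartext:"):
            hits.append((flow, verdict.split(":", 1)[1]))
    return hits

# Constructed sample records, not captured from a real network.
SAMPLE = [
    {"src": "198.51.100.10", "dst": "192.0.2.1", "proto": "udp", "dport": 500},
    {"src": "192.0.2.1", "dst": "198.51.100.10", "proto": "esp"},
    {"src": "192.0.2.50", "dst": "198.51.100.10", "proto": "tcp", "dport": 23},
    {"src": "198.51.100.10", "dst": "192.0.2.60", "proto": "udp", "dport": 162},
    {"src": "203.0.113.7", "dst": "198.51.100.10", "proto": "tcp", "dport": 443},
    {"src": "192.0.2.50", "dst": "198.51.100.10", "proto": "icmp"},
]

if __name__ == "__main__":
    for flow, kind in audit(SAMPLE):
        print(f"{kind} outside tunnel: {flow['src']} -> {flow['dst']}")
```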
