Dod/Pritchard Communications
Efficient University Technical Track Copy
-- Draft 4: September 5, 2001--
hardware-based VPN acceleration for continuous optimization. (Additional information about VPN technology and
its applications is available in Module 5: Advanced Router Features.)
The VPN option in Efficient Networks routers and gateways is activated through a simple, user-installable software
license key. No reconfiguration of the router or gateway is required. The key is a 44-character string, unique to a
particular router or gateway, that enables a this particular feature. A software option key can be entered through
either the Web or command line interfaces. The key is available for purchase from product distributors, directly
from Efficient Networks, or from the Efficient Web site: www.efficient.com.
Router and Gateway Security: Access Control
Router and gateway access controls are important to ensure the s ecurity of the device and its settings. 5800 series
routers and 5950 gateways have flexible controls, including password protection, port- and service-based controls,
and IP range controls.
The 5800 series router and 5950 gateway always prompt for a password upon connection. A default password is
provided (and listed in the documentation), and changing it upon first use is highly recommended. Changing the
password secures the router or gateway and its configuration against unauthorized tampering, from both inside the
client LAN as well as from the outside world (i.e., the Internet).
Router and gateway access control can also restrict administrative access and control to a select group of hosts by IP
range. IP addresses on either side (LAN or WAN) of the router or gateway may be specified. For example, if a 5950
gateway is set to allow access to internal systems within the LAN IP range from 192.168.254.0 to 192.168.254.254,
systems with other IP addresses are denied access to gateway settings. (Those systems outside the IP range specific
for the gateway are still able to use the Internet connection as usual; their only access restriction is gateway control
functions.)
Access to 5800 series routers and 5950 gateways may also be restricted according to “direction,” whether a
connection request comes from within the LAN or outside of it (i.e., from the Internet). It’s also possible to mix and
match the types of services that can be accessed. An outsider might not be able to access the router or gateway via
Telnet, for example, while LAN side users have full Telnet access.
The router and gateway services that can be accessed from computers can also be controlled. Access control can be
used to:
o Enable or disable LAN-based computer access to specific services
o Enable only LAN-based computers to manage router/gateway services
o Allow all hosts (on or outside the LAN) to manage router/gateway services
Access-controlled services include:
o Telnet management
o Web management
o SNMP management
o System logging to syslog-servers
(6 paginas)
(94 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales