
Quick-Starting Routers
308654-14.00 Rev 00
Setting Secure Mode
Nortel Networks routers have an optional security mechanism, called secure
mode, that uses an encryption algorithm to prevent unauthorized SNMP SET
requests to the MIB variables of the router.
In secure mode, when Site Manager issues the first SET request within an
application, you must enter a key to allow Site Manager to operate in secure mode.
A Site Manager SET request to the router includes the encrypted value of a
counter. When the agent on the router receives the SET request, it compares the
encrypted value to the value of its own counter plus 1. If the two counters match,
the agent considers the SET request authentic, increments the counter by 2, stores
it in encrypted form in the MIB, and sends it back to Site Manager.
Secure mode protects against these security violations:
• Message stream modification, in which an intruder reorders, delays, or replays
SET requests to specify unauthorized management settings
• Masquerade operations, in which an intruder assumes the IP address of an
authorized user to specify unauthorized management settings
Secure mode does not protect against the following security violations, which are
beyond the scope of this proprietary interim security system:
• Modification of information, in which an intruder intercepts a packet,
modifies its contents, and reinserts it into the message stream before the
agent’s counter increments
• Disclosure, in which an intruder observes which variables are being set
Enabling the security mechanism only minimally affects router performance. The
security mechanism has no effect on the ability of Site Manager, or of any SNMP
network manager, to monitor the router by performing GET, GET-NEXT, or trap
functions.
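
The counter exchange described above can be modeled in a few lines. This is an added example, not Nortel or Site Manager code: the router's cipher is not specified in this manual, so HMAC-SHA256 stands in for it, and the class names, key, and variable values are constructed for illustration.

```python
import hashlib
import hmac

def seal(key: bytes, counter: int) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the router's unspecified cipher.
    return hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()

class Agent:
    def __init__(self, key: bytes, counter: int = 0):
        self.key, self.counter, self.mib = key, counter, {}

    def handle_set(self, token: bytes, varbinds: dict):
        # Accept only a token that matches our own counter plus 1.
        if not hmac.compare_digest(token, seal(self.key, self.counter + 1)):
            return None
        self.mib.update(varbinds)
        self.counter += 2  # advance by 2, as the text describes
        return seal(self.key, self.counter)  # sealed counter sent back

class Manager:
    def __init__(self, key: bytes, counter: int = 0):
        self.key, self.counter = key, counter

    def build_set(self, varbinds: dict):
        return seal(self.key, self.counter + 1), varbinds

    def on_reply(self, reply) -> bool:
        # Assumption: the manager resynchronizes by checking the returned value.
        ok = reply is not None and hmac.compare_digest(
            reply, seal(self.key, self.counter + 2))
        if ok:
            self.counter += 2
        return ok

def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample key
    agent, mgr = Agent(key), Manager(key)
    token, vb = mgr.build_set({"sysContact": "noc"})  # constructed values
    synced = mgr.on_reply(agent.handle_set(token, vb))
    replayed = agent.handle_set(token, vb)  # stale counter value
    no_key = agent.handle_set(seal(b"other-key", agent.counter + 1), {"sysName": "x"})
    # Documented gap: the token covers the counter only, not the varbinds.
    token2, _ = mgr.build_set({"sysName": "r1"})
    altered = agent.handle_set(token2, {"sysName": "changed-in-transit"})
    return {"synced": synced, "replay_accepted": replayed is not None,
            "no_key_accepted": no_key is not None,
            "altered_accepted": altered is not None, "mib": agent.mib}
```

In this model the replayed request and the request sealed under a different key are rejected, while the request whose contents changed in transit is accepted, which matches the two lists of covered and uncovered violations above.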