Security

<< Click to Display Table of Contents >>

Navigation:  Product Description > Functions and Features >

Security

Navigation: Product Description > Functions and Features >

hm_btn_navigate_prevhm_btn_navigate_tophm_btn_navigate_next

The unified gateway provides enhanced security measures for users.

Anti-attack Measures

ϒ⁄The communication port matrix is delivered with the product documentation. Only services and ports listed in the communication port matrix need to be enabled.

The communication port matrix contains the following port information: available ports, transport layer protocols used by the ports, network elements (NEs) that use the ports to communicate with peer NEs, application layer protocols used by the ports and description of the services at the application layer, information about whether services at the application layer can be disabled, authentication modes, and functions of the ports (such as transmitting management traffic, control traffic, or data traffic).

ϒ⁄Different network ports carry management traffic and service traffic so that the management traffic is transmitted in a different network segment from the service traffic. This ensures system security. Note that the management traffic requires a fixed network port, not a random one.

ϒ⁄The Secure Shell (SSH) protocol is used to authenticate user login.

ϒ⁄Media streams and TLS signaling in the voice services are encrypted to ensure voice data security.

Password Security

ϒ⁄The system prompts users to change login passwords upon their first login

ϒ⁄The authentication modules of the web page and command-line interface use the brute-force attack prevention mechanism, which temporarily locks an account and IP address (for web only) after three failed login attempts.

ϒ⁄The HTTPS protocol is used to send user names and passwords to the server during web page login.

Web Security Measures

ϒ⁄Verifies the user session ID and user rights for each request to access a page or servlet that requires authorization.

ϒ⁄Executes the final authentication on users on the server.

ϒ⁄Verifies data generated by users on the server, and encodes data using the HTML before transmitting the data to clients, which prevents malicious code and cross-site scripting attacks.

ϒ⁄Uses the web security scanning software to scan web servers and applications, which prevents high-level vulnerabilities.

Parent Topic: Functions and Features

 

 

< Previous topic