Operation Manual
Security
NetWAYS/ISDN – 3 Remote Access with NetWAYS/ISDN 31
3.3 Security
In remote network access, it is very important to protect both
the remote access server and the NetWAYS/ISDN computer
against unauthorized access. NetWAYS/ISDN provides sever-
al security mechanisms for this purpose, which must also be
supported by the remote access server.
The following diagram illustrates the security checks that can
be applied on a connection to a remote access server.
Security in remote network access
Caller ID
When a remote computer dials in to a network, the remote
access server must decide whether or not to accept the con-
nection. The remote computer is first identified by the num-
ber of its ISDN line, signaled with the incoming call on the
D channel. The remote access server compares this number
with those registered in its database. The connection is
accepted only if the number is matched.
Transmission of
user data, e.g.
e-mail, database
information.
If necessary, encryption
and packet filtering.
ISDN connection dialed
and cleared dynamically
D-channel number
verification
After call acceptance,
authentication
with PAP or CHAP
If requested,
connection cleared and
security call-back by
AVM Access Server
Remote computer ISDN
D channel
Remote Access Server
B channel
Name / Password
D and B channel
D and B channel
D and B channel
Outgoing Calls
Further PPP
negotiations like IP
address, spoofing,
point-to-multipoint
netways-e.book Seite 31 Freitag, 28. November 2003 3:51 15