Manualshelf

User`s guide

ManualsBrandsDigi ManualsComputer equipmentTS 8 MEI
21222324252627282930
Introduction
26
Security features in Digi devices
Secure access and authentication
One password, one permission level.
Passwords can be issued to device users.
Selective enabling/disabling network services such as ADDP, RealPort, Encrypted
RealPort, HTTP/HTTPS, LPD, Remote Login, Remote Shell, SNMP, and Telnet.
Can control access to inbound ports.
Can control access to specific devices, IP addresses, or networks through IP filtering.
Secure sites for configuration: HTML pages for configuration have appropriate security.
User and user group access permissions, which control user access to various features
and the level of control they have over them (view settings or change settings).
Encryption
Encrypted RealPort offers encryption for the Ethernet connection between the COM/
TTY port and the Digi device. Encryption prevents internal and external snooping of
data across the network by encapsulating the TCP/IP packets in a Secure Sockets Layer
(SSL) connection and encrypting the data using the Advanced Encryption Standard
(AES) security algorithm.
Strong Secure Sockets Layer (SSL) V3.0/ Transport Layer Security (TLS) V1.0-based
encryption: DES (64-bit), 3DES (192-bit), AES (128-/192-/256-bit), IPsec ESP: DES,
3DES, AES.
Wireless Digi Connect products provide Wi-Fi Protected Access (WPA/WPA2/802.11i)
and Wired Equivalent Privacy (WEP) encryption (64-/128-bit). Supported WPA/WPA2/
802.11i authentication methods are:
SNMP security
SNMP “set” commands can be disabled to make use of SNMP read-only. Changing public and
private community names is recommended to prevent unauthorized access to the device.
Supported WPA authentication methods
EAP-TLS PEAP EAP/TTLS
LEAP (WEP only) EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1) EAP-TTLS/EAP-MD5-Challenge
EAP-PEAP/TLS (both PEAPv0 and PEAPv1) EAP-TTLS/EAP-GTC
EAP-PEAP/GTC (both PEAPv0 and PEAPv1) EAP-TTLS/EAP-OTP
EAP-PEAP/OTP (both PEAPv0 and PEAPv1) EAP-TTLS/EAP-MSCHAPv2
EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1) EAP-TTLS/EAP-TLS
EAP-TTLS/MSCHAPv2
EAP-TTLS/MSCHAP
EAP-TTLS/PAP
EAP-TTLS/CHAP