A.05.80 HP Insight Remote Support Advanced and Remote Device Access Security Overview (October 2012)
Security Overview
Contents
Remote Device Access (RDA) 37
Executive Overview 37
Service Description 37
Service Value 38
Authentication 38
Access Control Overview 38
Secure Communications 38
Unattended RDA Using SSH 39
Customer Access System (CAS) 39
Customer-owned CASii 39
Virtual CAS 40
HP Instant Customer Access Server (iCAS) 41
Access Control Details 42
Access control on the HP side 42
Access control on the customer side 43
Connectivity Method: SSH-Direct – Secure Shell over Internet 44
Connectivity Methods for VPN Solutions 45
hpVPN 46
Customer-Owned Router (COR) VPN 46
Connectivity Method for Integrated Service Digital Network (ISDN) 47
Attended RDA via Virtual Support Room 47
Data Privacy 49
Remote Device Access Security Details 49
Outbound Security 49
Inbound Security 49
Secured Communication 50
Unsecured Communications 51
Security Auditing 51
X.509 Certificates and Insight Remote Support Advanced 52
Overview 52
Certificate Revocation Lists 52
Digital Signature Verification in the Remote Support Client 53
HP Insight Remote Support Advanced and Remote Device Access (A.05.80)Page 5 of 97