HP Remote Device Access Security Overview for A.05.30 (December 2009)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software

Table of Contents

About This Document.....................................................................................9

1 Intended Audience...............................................................................................................................9

2 Publishing History................................................................................................................................9

3 Document Organization........................................................................................................................9

4 Typographic Conventions......................................................................................................................9

1 Remote Device Access (RDA)......................................................................11

1.1 Executive Overview..........................................................................................................................11

1.2 Service Description..........................................................................................................................11

1.3 Service Value..................................................................................................................................11

1.3.1 Authentication.........................................................................................................................11

1.3.2 Access Control Overview..........................................................................................................11

1.3.3 Secure Communications...........................................................................................................11

1.4 Unattended RDA Using SSH..............................................................................................................11

1.4.1 Customer Access System (CAS)..................................................................................................12

1.4.1.1 Customer-owned CASii......................................................................................................12

1.4.1.2 Virtual CAS.....................................................................................................................12

1.5 Access Control Details......................................................................................................................13

1.5.1 Access control on the HP side....................................................................................................13

1.5.2 Access control on the customer side...........................................................................................14

1.6 Connectivity Method: SSH-Direct - Secure Shell over Internet..................................................................15

1.7 Connectivity Methods for VPN Solutions.............................................................................................15

1.7.1 hpVPN....................................................................................................................................17

1.7.2 Customer-Owned Router (COR) VPN..........................................................................................17

1.8 Connectivity Method for Integrated Service Digital Network (ISDN)........................................................17

1.9 Attended RDA via Virtual Support Room.............................................................................................17

1.10 Data Privacy..................................................................................................................................19

2 Remote Device Access Security Details........................................................21

2.1 Outbound Security...........................................................................................................................21

2.2 Inbound Security.............................................................................................................................21

2.3 Secured Communication...................................................................................................................21

2.4 Unsecured Communications..............................................................................................................22

2.5 Security Auditing.............................................................................................................................22

A X.509 Certificates and Remote Device Access..............................................23

A.1 Overview.......................................................................................................................................23

A.2 Certificate Revocation Lists...............................................................................................................23

B Summary of Network Ports – Remote Device Access......................................25

B.1 Customer Access System (CAS)..........................................................................................................25

B.2 Additional Ports for Virtual CAS........................................................................................................25

B.3 hpVPN...........................................................................................................................................26

Table of Contents 3