|
Security
KVM and Terminal server companies fall far short of providing
adequate security for enterprise customers. To be effective,
security needs to be up to date and have multiple levels.
Most provide no security or outdated and moded security.
All other known competitors use outdated versions of SSH,
which has several well-documented security breaches. In
addition, most do not provide RSA keys, DSA or generate
SSL certificates or allow Verisign to validate and certify.
The ENS uses the latest and greatest security and currently
comes with last release of SSH and incorporates any additions
or changes in the SSH encryption standard and makes them
available within weeks of being released. The ENS generates
both RSA and DSA keys instantly and allows you to validate
certificates by Verisign at the press of a button.
Others do not provide IP Packet Filtering to lock down
access of groups or individual to specific equipment. The
ENS uses IP packet filtering to further restrict and control
access.
Many competitors exclusively rely upon RADIUS for authentication.
The ENS allows RADIUS, local authentication
and Central Database Authentication, IP Packet Filtering
and more. However, OutPost recommends against relying on
RADIUS authentication because your out of band system should
work when the network is not available. If there is a network
issue you will be locked out of the network by relying upon
the RADIUS server, which largely defeats the purpose of
providing OBM.
Alternative solution are not geared toward the enterprise
and do not provide Access Control Lists (ACL) or audit trails.
Access Control Lists specify who and what machine has access
to which equipment and what they can do to each piece of
equipment. For example, using an ACL you can authorize Tech1
in the NOC to only view the status of all equipment, Tech2
can power the Cisco devices but only Tech3 has connect privileges
to reconfigure the router. Tom can view it all from his
desk in real time and see who has and is taking what actions.
|
