The DSC Platform provides several security features, based on the Telcordia GR815 standard, to ensure that each user has authenticated access to the functions appropriate for that user and that the work those users perform is audited.

Firewall

The DSC Platform supports the following firewall functionality:

  • TCP and UDP traffic is highly restricted

  • Insecure traffic on TCP and UDP is limited to outgoing NTP, SNMP (in for provisioning and out for traps), outgoing SMTP (possible E-mail backups), and outgoing syslog (external log capture)

  • Secured traffic on TCP and UDP includes SSH, HTTP (which is automatically redirected to HTTPS), and HTTPS. Secured traffic related to IPsec (ESP, AH) is also allowed

  • SCTP is open by default

Intra-realm Security: IPsec

The IPsec protocol suite is the method for DSC Platform intra-realm security. This protocol suite provides non-encapsulated encryption between two IP endpoints.

Note

IPsec is configurable on an address-to-address basis (not in the Ribbon DSC application).

Inter-realm Security: Transport Layer Security (TLS)

Transport Layer Security (TLS) is the method for inter-realm security. This encryption is done between Ribbon DSC applications and is easier to use across a wider network.

For more information about configuring the DSC Platform firewall, refer to the appropriate section in the DSC - SP2000 Platform Manager User Guide.

