Network security features, Alarms and troubleshooting features – HP Media Gateways G250 User Manual
Page 55
Network security features
Issue 5 June 2008
55
●
ASG authentication for remote service logins. ASG is a challenge-response authentication
method that is more secure than password authentication and does not require a static
password.
Network security features
The Avaya G250/G350 Media Gateway provides the following network security features:
●
Private secure connections can be configured between the G250/G350 and a remote peer,
using VPN (Virtual Private Network). VPN at the IP level is deployed using a
standards-based set of protocols defined by the IETF called IPSec. IPSec provides
privacy, integrity, and authenticity to information transferred across IP networks.
●
Access to the G250/G350’s LAN ports is authenticated using the 802.1x protocol. On the
G350, you can enable 802.1x on the MM314 and MM316 media modules’ 10/100 Ethernet
ports. On the G250, you can enable 802.1x on the eight Ethernet LAN PoE ports located
on the G250’s front panel. The 802.1x protocol standard is extended to support an optional
mode for authenticating multiple supplicants.
●
Protection against DoS (Denial of Service) attacks via:
- MSS notifications. The G250/G350 identifies predefined or custom-defined traffic
patterns as suspected DoS attacks and generates SNMP notifications, referred to as
Managed Security Services (MSS) notifications. MSS notifications are intercepted
and, if certain conditions are met, may be forwarded to the Avaya Security Operations
Center (SOC) as INADS alarms. The SOC is an Avaya service group that handles
DoS alerts, responding as necessary to any DoS attack or related security issue.
- SYN cookies, which protect against a well-known TCP/IP attack in which a malicious
attacker targets a vulnerable device and effectively prevents it from establishing new
TCP connections.
Alarms and troubleshooting features
The Avaya G250 and Avaya G350 Media Gateways have extensive features for error detection,
alarms, and troubleshooting. Detailed diagnostic information and troubleshooting are provided
by software-based solutions accessible by laptops in the field or remotely from an
administrator’s computer. Administration for the Avaya G250 and Avaya G350 Media
Gateways, 03-300436, provides a comprehensive guide to configuring and using these
solutions.