Best Security Practices

For security you can restrict access to trusted Network sources using VPN and/or IP Tables filtering, also consider running TCP/UDP services on alternate ports.


Below is a list of available security options & recommendations:


  • SSHv2 Encryption
  • Embedded Validated FIPS 140-2 Cryptographic Module
  • HTTPS/SSL Secure Web
  • Remote Authentication:
  • LDAP/Kerberos/RADIUS/TACACS+
  • Multi-factor Authentication/Two-Factor Authentication (2FA)
  • Radius DUO or OKTA Support
  • Multi-Level Subscriber Directory
  • IP Address Filtering – IPTABLES using Linux standard syntax
  • VPN IPsec site to site support
  • Callback Security option available for our units with built in or attached analog modems
  • Wake Up On Failure option for our Cell units.
  • Turn OFF Telnet
  • Set unit SSH Security Level to "High"
  • Set unit Harden Web Security to "High"
  • Set unit TLS Mode to "TLSv1.3"
  • Set unit HSTS Policy to "ON"
  • Set unit OCSP Stapling to "ON"
  • Set unit General > Serial Port Protection, SSH Protection, Telnet Protection, and Web Protection parameters to "ON"
  • Secure RSA