Secure PX Intelligent Power Distribution Units

PDU Rack Level Security

The rapid growth of digital data has put immense pressure on data centers to evaluate their security initiatives. At Raritan, we make sure that security is top of mind when engineering our products. Our full-line PX intelligent PDUs are equipped with latest network security protocols, the most diverse options for user authentication and management, and leverages best in class data encryption methods. Our iPDUs are continuously updated in order to provide the safest deployment experience while meeting the increased network security requirements in high-risk environments.

If a device is on a network, a set of security measures must be in place to protect the equipment, its data and the network it is connected to.

Security Measures:

 

At Raritan, we take PDU rack-level security seriously given our 30+ years of pioneering experience in IT and data center management. We monitor US-CERT for reported security vulnerabilities to keep our customers secure. To see all PX intelligent PDU innovations visit — http://www.raritan.com/products/power-distribution/intelligent-rack-pdus.



rack pdu encryption

Encryption: As rack PDUs are connected to management networks and even to the production networks, it is critical that any and all data sent or received by the PDUs are encrypted. We only enable secure encrypted communication by default — HTTPS and SSH. We use the strongest encryption in the industry as in:

  • HTTPS connections use TLS 1.0/ 1.1/ 1.2 with AES 128/ 256-bit ciphers supporting the widest range of browsers
  • SSH connections use public key authentication where password authentication is not adequate or feasible, like in scripts
  • SNMP v3 connections are encrypted with MD5 or SHA authentication protocols and DES or AES privacy protocols
  • StartTLS implementation ensures encrypted transport of user credentials from the PDU to the remote authentication server
  • Besides being a secure server, the PDU is also secure client when dealing with remote authentication servers using TLS for OpenLDAP and active directory as well as CHAP for RADIUS communication


rack pdu password security

Password Policies: With all the security measures available and implemented, passwords remain the most critical component of security. We provide several ways to ensure passwords are strong and current.

  • Strong passwords require a minimum of eight characters with lower case, upper case, numerals and special characters while forbidding the past three passwords
  • Force password change ensures that the default password gets changed after the first-time login as default passwords are the easiest way hackers take control of connected devices
  • Password expiration ensures passwords getting refreshed periodically, preventing hackers from accessing the PDUs from any known security breaches


rack pdu firewall security

Firewall: Rack PDUs are accessed over the network for various reasons ranging from simple data collection to critical alert notifications, and even power control. With systems and users needing access from various segments of the corporate network, it is critical to keep unauthorized access completely out through the following means:

  • IP-Based Access Control Lists (IP ACL) rules determine whether to accept or discard traffic to/from the PDUs, based on the IP address of the host sending or receiving the traffic
  • Role-Based Access Control (RBAC) rules act similar to IP access control rules which allow access to PDUs based on the roles of individual users


rack pdu cyber attack defense

Defense in Depth: Rack PDUs play a critical role in managing the power infrastructure and servers, using the PDUs remote power control functionality. Therefore, it is essential to protect against network breaches. We have implemented several security measures that keep the rack PDUs one step ahead of these threats:

  • Blocking access after repeated failed login attempts to defend against potential Distributed Denial of Service (DDoS) attacks and logging the source of the attempts
  • Timing out inactive sessions to prevent unauthorized access
  • Limiting the use of the same login credential from multiple clients
  • Enforcing restricted service agreement warnings and requiring that users accept them to login


rack pdu security certificates

Certificates: X.509 digital certificates ensure that both parties in a secure connection (TLS) are authorized users. As rack PDUs are increasingly accessed over public networks, having valid certificates protect against man-in-the-middle attacks. In order to make this process as efficient as possible, Raritan rack PDUs support two major types of certificates:

  • CA certificates that are issued and signed by public certificated signing authorities after thorough verification of the user’s business; the PDU interface even generates the certificate signing request for submission to signing authorities such as Verisign, Digicert and more
  • Self-signed certificates when a CA certificate is not deemed necessary; the PDU also provides an interface to generate a self-signed certificate
 

 

Ready to Learn More?

Schedule a Demo

Schedule a demo to learn more about our intelligent PDUs.

Schedule Today

Have a Question?

Our remote access pros can help.
 

Contact Us

Get the Power Catalog

Get all the information on our iPDUs, Transfer Switch, Sensors, and More!

Power Product Catalog