
How Secure are Raritan’s PX Intelligent PDUs?

Posted on April 10, 2017 by Gento

Why is security so important in data centers? According to the 2016 Ponemon Cost of Data Breach Study, the average cost of an information security breach is $4 million, with an average estimated cost of $154 per stolen record. Raritan believes that if a device is on a network, it has to have a set of security measures in place to protect the device, its data and the network it is connected to.

Here is a list of Raritan’s PX security features:

Encryption: As rack PDUs are connected to management networks and even to production networks, it is critical that all data sent or received by the PDUs is encrypted. By default we enable only secure, encrypted communication: HTTPS and SSH. We use the strongest encryption in the industry, as follows:

  • HTTPS connections use TLS 1.0/1.1/1.2 with AES 128/256-bit ciphers, supporting the widest range of browsers
  • SSH connections use public key authentication where password authentication is not adequate or feasible, as in scripts
  • SNMP v3 connections are authenticated with the MD5 or SHA authentication protocols and encrypted with the DES or AES privacy protocols
  • StartTLS implementation ensures encrypted transport of user credentials from the PDU to the remote authentication server
  • Besides being a secure server, the PDU is also a secure client when dealing with remote authentication servers, using TLS for OpenLDAP and Active Directory as well as CHAP for RADIUS communication

Password Policies: With all the security measures available and implemented, passwords remain the most critical component of security. We provide several ways to ensure passwords are strong and current.

  • Strong passwords require a minimum of eight characters with lower case, upper case, numerals and special characters while forbidding the past three passwords
  • Force password change ensures that the default password gets changed after the first-time login, as default passwords are the easiest way for hackers to take control of connected devices
  • Password expiration ensures passwords are refreshed periodically, preventing hackers from accessing the PDUs using credentials from any known security breaches
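
The strong-password rule above (eight characters, four character classes, past three passwords forbidden), as an added Python example that is not Raritan's code. The `PasswordHistory` class, PBKDF2 storage of the history, the round count, and counting the current password among the three remembered entries are assumptions, since the post does not describe the implementation.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8            # from the post
HISTORY_DEPTH = 3         # from the post: the past three passwords are forbidden
PBKDF2_ROUNDS = 100_000   # assumption: the post does not say how history is stored


def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def complexity_errors(password):
    """Return the list of strong-password rules that the candidate breaks."""
    checks = [
        (len(password) >= MIN_LENGTH, "shorter than 8 characters"),
        (any(c.islower() for c in password), "no lower-case letter"),
        (any(c.isupper() for c in password), "no upper-case letter"),
        (any(c.isdigit() for c in password), "no numeral"),
        # Assumption: "special" means ASCII punctuation.
        (any(c in string.punctuation for c in password), "no special character"),
    ]
    return [message for ok, message in checks if not ok]


class PasswordHistory:
    """Hypothetical per-user store of the last HISTORY_DEPTH salted digests."""

    def __init__(self):
        self._entries = []  # (salt, digest) pairs, newest last

    def _reused(self, password):
        return any(hmac.compare_digest(_digest(password, salt), digest)
                   for salt, digest in self._entries)

    def change(self, new_password):
        """Apply the policy; return [] on success, else the reasons for refusal."""
        errors = complexity_errors(new_password)
        if self._reused(new_password):
            errors.append("matches one of the past three passwords")
        if errors:
            return errors
        salt = os.urandom(16)
        self._entries.append((salt, _digest(new_password, salt)))
        del self._entries[:-HISTORY_DEPTH]  # forget anything older than three
        return []
```

Keeping only salted digests means the history check works without the device retaining any old password in recoverable form.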

Firewall: Rack PDUs are accessed over the network for various reasons ranging from simple data collection to critical alert notifications, and even power control. With systems and users needing access from various segments of the corporate network, we believe it is critical to keep unauthorized access completely out through the following means:

  • IP Based Access Control Lists (IP ACL) rules determine whether to accept or discard traffic to/from the PDUs, based on the IP address of the host sending or receiving the traffic
  • Role Based Access Control (RBAC) rules act similarly to IP access control rules, allowing access to PDUs based on the roles of individual users

Defense in Depth: Rack PDUs play a critical role in managing the power infrastructure and servers through the PDUs' remote power control functionality. Therefore, it is essential to protect against network breaches. We have implemented several security measures that keep the rack PDUs one step ahead of these threats:

  • Blocking access after repeated failed login attempts to defend against potential Distributed Denial of Service (DDoS) attacks and logging the source of the attempts
  • Timing out inactive sessions to prevent unauthorized access
  • Limiting the use of the same login credential from multiple clients
  • Enforcing restricted service agreement warnings and requiring that users accept them to log in

Certificates: X.509 digital certificates ensure that both parties in a secure connection (TLS) are authorized users. As rack PDUs are increasingly accessed over public networks, having valid certificates protects against man-in-the-middle attacks. In order to make this process as efficient as possible, Raritan rack PDUs support two major types of certificates:

  • CA certificates that are issued and signed by public certificate signing authorities after thorough verification of the user’s business; the PDU interface even generates the certificate signing request for submission to signing authorities such as VeriSign, DigiCert and more
  • Self-signed certificates when a CA certificate is not deemed necessary; the PDU also provides an interface to generate a self-signed certificate

At Raritan, we take security very seriously given our 30+ years of pioneering experience in IT and data center management. We monitor US-CERT for reported security vulnerabilities to keep our customers secure. To learn more about our PX intelligent PDUs, visit us at http://www.raritan.com/products/power-distribution/intelligent-rack-pdus
