Re: Exposed serial connection

[Delafontaine André <andre.delafontaine () nagra com>]

On the hardware side, you might want to take a look at Cyclades' TS100, an 
embedded IP to serial device: http://www.cyclades.com/products/ts100.php

Authentication and encryption can be done using ssh.

One thing to keep in mind: whenever you use any piece of software in a 
security-dependent environment, plan the how's and when's of the upgrades and 
fixes: both ssh and ssl have had (unrelated) security issues lately. How do you 
want to go around updating the software?

As usual, maintenance is where the largest cost will be, so try to plan for that 
part at least as much as for the initial cut of the solution.

Disclaimer: I have no financial interest in Cyclades, but have used their 
products in the past with a high degree of success :-)

André
--

Jonas Anden wrote:
> I need to expose a sensitive serial port to a remote site through IP.
> The protocol used on the serial line is text based with some control
> bytes and totally unauthenticated. Are there any applicances recommended
> that can perform the following:
>
> - Encrypting the IP connection (Preferably SSL)
> - Provide for authentication (Preferably outside the protocol sphere,
> like SSL client certificates).
> - Convert the data received on the IP end and send it out on the serial
> line, and vice versa.
>
>   // J
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


--
          delafontaine at nagra.com  keyID 0A2172EE
  F20 DSS: 21EA 89DD 213B 8DB1 B6B5  6E42 7C22 65AD 0A21 72EE

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards