Most management protocols were not designed to run across firewalls and NAT. In some cases, however, network administrators are forced to use them in this scenario, and often the solution is to set up the firewall with static access rules. This is not a clean solution, as it is rather simple to forge packets, in particular for UDP-based protocols such as SNMP. TCP-based protocols used to administer remote hosts, such as VNC [34] and RDC (Remote Desktop Connection), are likewise not recommended to run across firewalls, as a protocol flaw could compromise the whole network.

Network management applications can take advantage of N2N to create secure WAN management networks on which protocols can flow without having to take security and network constraints into account. Using different community names, administrators can add extra security by creating several overlays, one for each group of homogeneous management resources, so that management traffic is further partitioned. Implementing the same partitioning scheme using traditional techniques such as VLANs or VPNs would have been much more difficult and in some cases (e.g. on WANs) probably not feasible at all.
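The per-group partitioning described above can be checked before any host joins an overlay. The following is an added example, not code from the original text or from the N2N project: it validates a plan of overlays and prints the `edge` command line for a host, using the `-a`, `-c`, `-k` and `-l` options of n2n's `edge`. The community names, subnets, key variable names and supernode address are constructed assumptions.

```python
import ipaddress

# Constructed plan: one overlay per group of homogeneous management resources.
# Community names, subnets, key variable names and supernode are assumptions.
SUPERNODE = "supernode.example.net:7654"
PLAN = [
    {"community": "mgmt-snmp", "subnet": "10.10.1.0/24", "key_env": "N2N_KEY_SNMP"},
    {"community": "mgmt-vnc", "subnet": "10.10.2.0/24", "key_env": "N2N_KEY_VNC"},
    {"community": "mgmt-rdc", "subnet": "10.10.3.0/24", "key_env": "N2N_KEY_RDC"},
]


def validate(plan):
    """Return the problems that would let two groups' management traffic mix."""
    problems = []
    for field in ("community", "key_env"):
        values = [overlay[field] for overlay in plan]
        for value in sorted(set(values)):
            if values.count(value) > 1:
                problems.append(f"{field} {value!r} is used by more than one overlay")
    nets = [(o["community"], ipaddress.ip_network(o["subnet"])) for o in plan]
    for i, (name_a, net_a) in enumerate(nets):
        for name_b, net_b in nets[i + 1:]:
            if net_a.overlaps(net_b):
                problems.append(f"subnets of {name_a!r} and {name_b!r} overlap")
    return problems


def edge_command(overlay, host_index):
    """Build the n2n edge command line for one host of one overlay."""
    net = ipaddress.ip_network(overlay["subnet"])
    if not 1 <= host_index <= net.num_addresses - 2:
        raise ValueError(f"host index {host_index} does not fit in {net}")
    addr = net.network_address + host_index
    # The key is read from the environment so it never sits in the plan itself.
    return (f'edge -a {addr} -c {overlay["community"]} '
            f'-k "${overlay["key_env"]}" -l {SUPERNODE}')


if __name__ == "__main__":
    issues = validate(PLAN)
    if issues:
        raise SystemExit("\n".join(issues))
    for overlay in PLAN:
        print(edge_command(overlay, 1))
```
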