Thursday 17 October 2019

Strengthening Banking Security Through Customized OOBM Applications


Banking & Financial SecurityChallenge:

A central IT service provider responsible for developing and operating all IT applications for a prominent German financial institution required an Out of Band Management (OOBM) solution that enabled remote out-of-band management access for multiple administrators with distinct areas of expertise, permissions, and access rights.
In addition to upgrading their Out of Band Management (OOBM) system, the end-user customer requested a tailored security feature that provided a clear audit trail of who did what and when, and to which system.
Could Lantronix provide a secure OOBM management solution that includes an advanced security feature tailored to the end user’s specifications?

Key Requirements:

  • Special audit logging
  • Cost-effective, turnkey deployment
  • Self-terminating security strings
  • Instant, remote access to network equipment

Solution: Lantronix SLC 8000 Advanced Console Manager with Self-Terminating Strings

The customer deployed the Lantronix SLC 8000 console manager to provide Out-of-Band access over the administrator’s Ethernet channel to critical systems comprised of routers and servers. Administrators are now able to remotely manage essential IT equipment and deploy cost-effective upgrades as they become available.
Now that the end-user improved its IT infrastructure with the SLC 8000, the next challenge was ensuring that machine access was given to administrators with the appropriate credentials. In many cases, a security issue arises when an administrator logs out of the console server but fails to log out of the target machine. The danger is that a second administrator could then log into the same console server port and access the active connection. This is considered a security breach since the second user is logged in under the identification of the first administrator.
Normally when networks require a system administrator to connect to a target system through a console server, they are first challenged to identify themselves. Once connected to the port leading to the target system, they will be challenged again by the target machine’s security system – so they have to log in a second time. The SLC 8000 eliminates these added steps by customizing the end user’s software to include self-terminating security strings that automatically disconnect administrators from active sessions. Now, if an administrator disconnects from the SLC 8000 without continuing to log out of the target machine, the console manager will automatically send a logout command and end the session. This will leave the target machine protected when a second administrator tries to access the same target after the first administrator departed.
A live demo of the SLC 8000 advanced console manager will be shown at Cisco Live Berlin (Stand: E62 – Hall 3.2) from February 20, 2017- February 24, 2017. For more information about Cisco Live Berlin, click here.

SLC 8000: Secure Remote Out of Band Management (OOBM) for Financial Institutions
The SLC 8000 sending self-terminating strings

Results:

  • Rapid deployment
  • Centralized monitoring and quick troubleshooting of remote equipment
  • Secure access to IT infrastructure equipment
  • Supports multiple users to connect to a single device port and simultaneous access to all 48 ports
  • Scale as system configuration and device console mix changes

About the Lantronix SLC 8000 Advanced Console Manager

Future Proof Your Secure Out-of-Band Management Solution

The Lantronix SLC 8000 advanced console manager is the industry’s first modular console server that provides secure remote access to IT equipment while reducing deployment costs and time.

Lantronix SLC 8000 Key Benefits:

  • Reduces downtime and increases efficiency with anytime, anywhere access to IT equipment
  • Enables custom “mix-and-match” configurations with USB, RS-232 modules and a variety of power supply options.
  • Simplifies service deployments and balances CAPEX and OPEX with its modular design
  • In-band (Ethernet) and out-of-band access (dial-in/out via modem, as well as cellular: PremierWave XC HSPA+ and 4G LTE with newly available LTE connectivity kit)
  • Front LCD and keypad allows for quick network set-up and easy deployment
  • Protects management interfaces with authentication and encryption.  The cryptographic modules are FIPS 140-2 approved.
  • Centralized management integration with the Lantronix vSLM and ConsoleFlow management software
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)