being open for business for hackers.
A Linux platform lends itself to building an out-of-band management appliance, but an important decision is what's more important - flexibility or security and reliability.
If you keep the appliance open, it's possible to access and tweak OS settings and create and run scripts on the platform. You can install other programs that can run alongside the OOB management software, and you can patch Linux functionality without patching application software.
However, this flexibility to install other apps means that things can go wrong too. On the non-malicious side of the equation, this could be changes that modify or delete files critical to normal operation of the appliance. But truly bad things could happen as well. Scripts and software can be installed through an encrypted SSH session, with changes made to the appliance outside of the application. This means they could be undetected and not show up in logs or audits. Encrypted passwords and keys can be accessed and exported.
Suddenly you have a device that you might not be able to really trust that is connected directly to your network infrastructure over the console port, which isn't monitored by your IDS/IPS systems. Sounds scary, right? We think so.
Uplogix is a secure, closed appliance. The underlying Linux OS does not have root access, ensuring:
- No direct access to the OS for higher security and reliability
- Secrets are kept from users (passwords and keys)
- Non-approved scripts and software cannot be installed
- The application software and configuration integrity is maintained
Beyond the separation from the OS, the Uplogix platform is FIPS 140-2 Level Certified -- not just a component of the solution like a FIPS-certified Open SSL library. Our solid state hard drives are available with AES-256 disk encryption, and only the SSH port is open out of the box.
With Uplogix, all product configuration and features are governed by powerful and granular authorization features with every activity and change logged and archived to the NOC. With features that automate device monitoring, maintenance and recovery, scripting isn't necessary, avoiding another threat vector.