Table of Contents
Advertisement
IMPORTANT NOTE: TCP port numbers from 0 to 1023 are universally reserved for well-known
ports. Never use these port numbers.
7.3
Denial of service (DOS) threshold rates
Protection of ports used for TCP/IP communication, such as Ethernet, is very important. Cybersecurity
threats can make a device unavailable for connection.
If the Totalflow device has a Denial of Service (DOS) attack, the device cannot grant requests for
connection. It stops responding. The following table provides the DOS threshold rates per packet type.
The device stops responding at these thresholds.
Table 7-5: Denial of Service (DOS) threshold rates
Packet type
Ethernet
ARP
IP
ICMP
UDP
TCP
7.4
Security guidelines
The following table contains recommended guidelines to secure access to the XIO. Find procedures for
secure configuration throughout this manual, in Quick Start Guides, and in online PCCU help files.
Table 7-6: XIO security guidelines
Recommendation
Secure physical
access to the device
Secure access with
security switch
Configure bi-level
security codes
Enable Role-Based
Access Control
(RBAC)
Secure network
connection
124 | XIO USER MANUAL | 210 6424MNAB
Description
9 Mbps (13393 packets/sec)
9 Mbps (13393 packets/sec)
9 Mbps (13393 packets/sec)
27 Mbps (40179 packets/sec)
10 Mbps (14881 packets/sec)
10 Mbps (14881 packets/sec)
Description
Control access to the device, internal components, and connected peripherals.
Turn the onboard security switch on to enforce authentication through bi-level
security codes or RBAC.
See
section 7.5.
Change default security codes to private codes (the default security code for both
level 1 and level 2 is 0000).
See
section 7.5.
Configure RBAC. See
section 7.6.
Enable role-based access and enable authentication for each of the communication
ports.
Change the default RBAC passwords and security codes.
The device only connects to a firewall-protected private network. Do not connect
directly to the Internet.
Advertisement
Table of Contents
