Securing Connections Between a C Series Controller and Remote Hosts
For security reasons, take care to limit the number of open ports you configure for applications and SRC components on the external interfaces.
By default, SSH for nonroot users is enabled on C Series Controllers. Otherwise, you configure the C Series Controller to explicitly allow users on remote systems to access it. Table 3 lists the applications through which remote users can access a C Series Controller.
Table 3: Applications to Remotely Access the C Series Controller
Application | Information About Access Configuration |
---|---|
SSH | Configuring a C Series Controller to Accept SSH Connections (SRC CLI) |
Telnet | Configuring a C Series Controller to Accept Telnet Connections (SRC CLI) |
NETCONF | Configuring a C Series Controller to Accept NETCONF Connections (SRC CLI) |
C-Web interface | |
Policies, Services, and Subscribers CLI | Configuring Access to the Policies, Services, and Subscribers CLI |
You can also configure security certificates for use by HTTPS connections.
You can connect from a C Series Controller to remote hosts through:
- SSH
- Telnet
- FTP by means of a file URL