![]() |
The OnBoard appliance mediates between authorized users (who may be either local or remote users on the public network) and devices that are connected to the OnBoard appliance’s private Ethernet ports. Connected devices are almost always isolated on a private network that cannot be accessed except by going through the OnBoard appliance.Communications between users and the OnBoard and through the OnBoard appliance to connected devices are protected by SSH encryption. Communications between the OnBoard appliance and the connected devices are proxied and the potentially vulnerable protocols used by most SPs are not exposed on the public network.Administration of the OnBoard appliance is separate from management of the connected devices. Multiple authorized users can manage connected devices while only OnBoard appliance administrators can configure access and security on the OnBoard appliance.The OnBoard appliance provides a set of security features not available in any SP management product from any other vendor. The following table lists the features that OnBoard appliance administrators can configure to control access to connected devices and to enforce an organization’s security policies and lists where the features are documented in more detail.
Authentication for accessing the OnBoard appliance and connected devices Authorizations assigned to users and groups to control access to connected devices Security profiles and other means for controlling which network services are turned on or blocked and for setting other security parameters Logging, notifications and alarms that can alert remote administrators about problems and data buffering to capture and monitor user activity.