Insight Remote Support 7.0.9 Security White Paper

Figure 10: General IPSec VPN Access Without SSH
[Network diagram with Customer and HP regions. Labels: Customer target systems or devices; Customer Access Server; Customer internal Firewall; Customer Firewall; VPN routing device (two instances); Internet; HP Firewall; Remote Access Connection System; HP Support Specialist.]
Legend:
SSH tunnel to HP access server: TCP/22 (SSH) inbound
SSH tunneled application traffic: application specific, inbound
Raw application traffic: application specific, inbound
IPSec VPN tunnel: Protocol 50 (ESP) & UDP 500 (IKE)

IPSec VPN
With IPSec VPN, HP establishes an IPSec VPN with a customer-managed VPN device. HP’s RDA VPN routers interoperate
successfully with ProCurve, Cisco IOS, Cisco PIX, Check Point, Juniper, Linux and other IPSec VPN-capable devices at
customer sites. IPSec VPN connections can be configured according to a customer’s unique configuration requirements.
With the IPSec VPN remote access option, the customer’s network administrators are responsible for configuring and
maintaining the IPSec configuration on their end of this B2B connection. HP is responsible for maintaining the HP-side
configuration. HP Support specialists can assist with troubleshooting any connection issues with this solution.
Connectivity Method for Integrated Services Digital Network (ISDN)
In some countries, HP offers the option of ISDN connectivity. As with VPN solutions, SSH port-forwarding is used over ISDN
to provide secure remote access.