User Guide

Chapter 1 Overview
320818-A

Communication channels

Communications between the Nortel SNAS 4050 and key elements of the Nortel
SNA solution are secure and encrypted. Table 1 shows the communication
channels in the network.

Telnet or SSH can be used for management communications between remote PCs
and the Nortel SNAS 4050 devices.

About SSH

The Secure Shell (SSH) protocol provides secure and encrypted communication
between the Nortel SNAS 4050 and the network access devices, and between
Nortel SNAS 4050 devices and remote management PCs not using Telnet.

SSH uses either password authentication or public key authentication. With public
key authentication, pairs of public/private SSH host keys protect against “man in
the middle” attacks by providing a mechanism for the SSH client to authenticate
the server. SSH clients keep track of the public keys to be used to authenticate
different SSH server hosts.

SSH clients in the Nortel SNA network do not silently accept new keys from
previously unknown server hosts. Instead, they refuse the connection if the key
does not match their known hosts.
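
The strict host key policy described above, sketched as an added example (not code from this guide or from the Nortel SNAS 4050). It assumes OpenSSH-style known-hosts lines with plain host names; the host names, addresses and key blobs are constructed placeholders.

```python
import base64
import hashlib
import hmac

# Constructed sample data: placeholder blobs, not real SSH public keys.
KEY_A = b"constructed-host-key-A"
KEY_B = b"constructed-host-key-B"
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts entries (plain, unhashed host names)",
    "snas-1.example.net,192.0.2.10 ssh-rsa " + base64.b64encode(KEY_A).decode(),
    "edge-sw-1.example.net ssh-rsa " + base64.b64encode(KEY_B).decode(),
])


def parse_known_hosts(text):
    """Map each host name to the set of (key type, key blob) pairs on record."""
    known = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments, malformed lines, and the marker (@...) and
        # hashed-host (|1|...) forms this example does not handle.
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        for host in fields[0].split(","):
            known.setdefault(host, set()).add((fields[1], base64.b64decode(fields[2])))
    return known


def fingerprint(blob):
    """SHA-256 fingerprint of a key blob, for out-of-band comparison."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_host_key(known, host, key_type, presented):
    """Strict policy: accept only a key that matches one already on record."""
    entries = known.get(host)
    if not entries:
        verdict = "refuse: unknown host"       # never learn a new key silently
    elif any(t == key_type and hmac.compare_digest(b, presented) for t, b in entries):
        verdict = "accept"
    else:
        verdict = "refuse: host key mismatch"  # possible man in the middle
    return verdict, fingerprint(presented)


if __name__ == "__main__":
    known = parse_known_hosts(KNOWN_HOSTS)
    print(check_host_key(known, "snas-1.example.net", "ssh-rsa", KEY_A))
    print(check_host_key(known, "snas-1.example.net", "ssh-rsa", b"other-key"))
    print(check_host_key(known, "new-host.example.net", "ssh-rsa", KEY_A))
```

The returned fingerprint lets an operator compare a refused key with the value read from the device console before adding it to the known hosts.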

Table 1 Communication channels in the Nortel SNA network

Communication                                              Communication protocol
---------------------------------------------------------  ----------------------
Between Nortel SNAS 4050 and edge switches                 SSH
Between Nortel SNAS 4050 devices in a cluster              TCP and UDP
Between Nortel SNAS 4050 and client PC (TunnelGuard        SSL/TLS
applet)
Between Nortel SNAS 4050 and SREM                          SSH
From edge switch to EPM                                    SNMPv3 Inform
From EPM to edge switch                                    Telnet over SSH
From authorized endpoint to DHCP server                    UDP