Document

Download Report

Transcript Document 

TOSIBOX LOCK
security options
TOSIBOX LOCK security options,
when connected to third party network:
1. ADMIN password
2. LOCK – Client mode
-IP/MAC Filtering in Client mode
3. LOCK
-SECURE ACCESS - 3G or broadband, L3 Firewall
and Mac/IP filtering
-LOCK OFFLINE
-LOCK OFFLINE – TEMPORATY ONLINE
4. Example; Technical solution in third party network
ADMIN Password
-All Lock has unique password. It is important, password will
be managed by owner of the network
-ADMIN can only change security features on
the TOSIBOX Lock
LOCK – Client mode
-TOSIBOX Lock as a client
-Easy access to all devices
LOCK – Client mode
-IP / MAC FILTERING IN Client mode
-TOSIBOX Key access to dedicated devices only
LOCK
-TOSIBOX Lock, DHCP server on or fixed IP addresses
-Firewall automatically activated between WAN and LAN
Advanced Secure Access
3G or broadband, Layer 3 Firewall in use, Mac/IP filtering,
corporate VPN feature in use
Tosibox Key gets
unique static IP address
from Tosibox Lock
(172.16.10.20)
REMOTE LAN 10.20.30.0/24
LAN DHCP OFF
WAN
Interface
10.1.1.25
1.
2.
3.
4.
5.
6.
Lock WAN will be connected to Customer LAN. Lock IP address will be provided by Customer LAN
Lock LAN side set to ”DHCP off” -mode
Lock can be set in Offline or Online by Master key (inside network)
Possible to limit TOSIBOX Key access to specific devices addressess by IP / MAC filtering
Block other internet access from the TOSIBOX key, when connected to the LOCK (corporate VPN)
3G or 4G modem set to TOSIBOX USB port, then Key user will access to sepcific devices by 3G/4G.
Customer LAN
10.1.1.0/24
OFFLINE
(page 1/2)
- Managed by administrator in internal network
OFFLINE –
TEMPORARY ONLINE
(Page 2/2)
- Managed by administrator in internal network, possible to set
timer for TOSIBOX Key Users to access network
Technical solution in third party network
ADMIN can set by own TOSIBOX
Key all LOCKs to ”offline” - mode.
Then Locks haven’t internet connection
and remote users can’t access
to the Lock
Suplyer LAN
10.20.30.0/24
Internet
Server or
Remote
User
When Locks OFFLINE
Inside corporate network User
(or Admin) can access to
TOSIBOX locks by TOSIBOX Key
Layer 3 VPN
Tosibox Key internal
IP-address will be
provided by
TOSIBOX Lock
(172.16.10.20)
1. Lock WAN will be connected to corporate LAN
network. Lock IP address will be provided
by internal network
2. Remote devices will be connected to
TOSIBOX Lock LAN –Ports
3. Lock can be set to Offline or Online
by ADMIN (inside network)
4. Possible to limit TOSIBOX Key access
to specific devices addressess by IP / MAC filtering
5.Possibility to allow access to specific IP address
(to WAN) from Lock LAN side. (For example:
alarms to specific IP address or printing
to inside Corporate LAN network)
10.1.1.5
WAN
Interface
10.1.1.25
10.1.1.6
Device
10.1.1.7
10.100.200.150
LAN
Interface
10.100.200.126/26
Corporate LAN
10.1.1.0/24
10.1.1.8