
Trusted Devices, Adding Trusted Devices – Fortress Technologies Secure Wireless Access Bridge User Manual


Fortress Bridge: Administration


4.3 Trusted Devices

Some wireless devices (IP phones, digital scales or printers, and APs, for example) are not equipped to run additional software such as the Fortress Secure Client. In order to allow such a device access to the encrypted zone, the Fortress Bridge must be configured to identify it as a Trusted Device, to which the narrowest possible access rules should be applied.

All traffic to and from Trusted Devices is sent in the clear (unencrypted).

NOTE: Trusted Devices must be uniquely named on the Bridge. An error message will result if you attempt to add a Trusted Device with a name already in use.

Once its status as a Trusted Device has been configured, the
Bridge uses the settings you establish for it to identify, track
and manage access for the device on the network. These are:

• TD Identifier - accepts up to twelve alphanumeric characters to uniquely identify the Trusted Device.

• IP Address - establishes the device’s IP address, or, by entering the word any, configures the Trusted Device to accept any IP address, as provided by the network DHCP (Dynamic Host Configuration Protocol) server.

• MAC Address - establishes the device’s MAC address.

• Port Number(s) - specifies the port numbers through which the Trusted Device can access the encrypted zone, or, by entering the word any, configures access for the device through any port.

CAUTION: Specifying that any port can access a TD can pose a significant security risk.

For reference, the screen displays commonly used port
numbers to the right of the configuration fields.

When one or more Trusted Devices are configured on the Fortress Bridge, the Bridge will continually signal, through the flashing green, front-panel cleartext LED (labeled Clr), that cleartext is being passed on the network. While the cleartext signal occurs in either operating mode, in FIPS terminology, it indicates that the Bridge is in Bypass Mode (BPM).

CAUTION: Network security is maximized when the smallest possible number of Trusted Devices are configured and the smallest effective set of ports is specified for each.

4.3.1 Adding Trusted Devices

Trusted Devices are added one at a time.

To add a Trusted Device:

1. Log on to the Bridge GUI admin account and choose TRUSTED DEVICES from the menu on the left.

2. On the TRUSTED DEVICES screen, in the ADD TRUSTED DEVICE frame, enter valid values into the relevant fields (described above).

3. Click Add to save the new Trusted Device (or Cancel the addition).
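An offline pre-check of planned entries against the field rules and cautions in section 4.3, as an added example that is not part of the manual or the Bridge software. The dictionary layout, the max_ports policy limit and the sample inventory are assumptions made for illustration.

```python
import ipaddress
import re

ID_RE = re.compile(r"[A-Za-z0-9]{1,12}")  # "up to twelve alphanumeric characters"
MAC_RE = re.compile(r"[0-9A-Fa-f]{12}")   # separator style is an assumption, so it is stripped

def audit_trusted_devices(devices, max_ports=3):
    """Return (errors, warnings) for planned Trusted Device entries.

    The dict layout and the max_ports policy threshold are hypothetical.
    """
    errors, warnings, seen = [], [], set()
    for d in devices:
        name = d["id"]
        if not ID_RE.fullmatch(name):
            errors.append(f"{name}: identifier must be 1-12 alphanumeric characters")
        if name in seen:  # the Bridge rejects a name already in use
            errors.append(f"{name}: name already in use")
        seen.add(name)
        if d["ip"] != "any":  # "any" means the address comes from DHCP
            try:
                ipaddress.ip_address(d["ip"])
            except ValueError:
                errors.append(f"{name}: invalid IP address {d['ip']}")
        if not MAC_RE.fullmatch(re.sub(r"[:-]", "", d["mac"])):
            errors.append(f"{name}: invalid MAC address {d['mac']}")
        ports = d["ports"]
        if ports == "any":  # flagged by the manual's CAUTION
            warnings.append(f"{name}: ports set to 'any'")
        elif not ports or not all(isinstance(p, int) and 1 <= p <= 65535 for p in ports):
            errors.append(f"{name}: ports must be 'any' or numbers in 1-65535")
        elif len(ports) > max_ports:
            warnings.append(f"{name}: {len(ports)} ports exceeds policy limit of {max_ports}")
    if devices:  # any Trusted Device at all puts cleartext on the network
        warnings.append(f"{len(devices)} Trusted Device(s): Bridge will pass cleartext (Bypass Mode)")
    return errors, warnings

# Constructed sample inventory (not from the manual).
PLANNED = [
    {"id": "LabelPrint01", "ip": "192.0.2.20", "mac": "00:11:22:33:44:55", "ports": [9100]},
    {"id": "VoipPhone7", "ip": "any", "mac": "00:11:22:33:44:66", "ports": "any"},
    {"id": "LabelPrint01", "ip": "192.0.2.21", "mac": "00:11:22:33:44:77", "ports": [515]},
    {"id": "Warehouse-Scale", "ip": "192.0.2.300", "mac": "00:11:22:33:44", "ports": [0]},
]

if __name__ == "__main__":
    errs, warns = audit_trusted_devices(PLANNED)
    for line in errs:
        print("ERROR  ", line)
    for line in warns:
        print("WARNING", line)
```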