RutOS Security

/Webinar

/RutOS Security

Pertanyaan dan jawaban // Waktu lokal Anda


Selama webinar, Anda telah mengajukan banyak pertanyaan, dan beberapa di antaranya dijawab di akhir streaming langsung. Dan di sini kami ingin berbagi dengan Anda semua pertanyaan dan jawaban Anda:


Q: Attacks are made to elements with most gains, while routers have remote management from central hub, this makes the management web as prime target, if your service is compromised, will it affect every router managed via it, or will it be separated to lot of sandboxes that attacker needs to open separetly ? This question is about RMS, just wanted to get clear picture, cause RMS presents a big target.

A: RMS service is running on AWS cloud servers, so it is highly unlikely for any potentially malicious 3rd party to get access. On top of this, RMS architecture does not allow to inject any malicious code and gain access to the routers.

Q: Can multible admins with different rights be set up. Role...based

A: If your device supports multiple users, this can be done via the WebUI administrator portal: System -> System Users You can add accounts and manage their permissions individually.

Q: Secure boot. Can you repeat the trust in the boot process

A: Secure Boot is a verification mechanism to ensure that only trusted firmware will be launched on the device. Secure boot devices are equipped with hardware root of trust which contains the keys used for cryptographic functions and in that way it enables a secure boot process. Secure boot process in the first step checks integrity and authenticity of bootloader every boot, then checks integrity and authenticity of firmware every boot and only after that verified firmware is started.

Q: How to purchase?

A: Please contact your sales manager.

Pertanyaan dan jawaban // Waktu lokal Anda


Selama webinar, Anda telah mengajukan banyak pertanyaan, dan beberapa di antaranya dijawab di akhir streaming langsung. Dan di sini kami ingin berbagi dengan Anda semua pertanyaan dan jawaban Anda:


Q: CAN WE ENABLE STATEFUL F/W AND ANITIVIRUS FEATURES BY ANY CHANCE ?

A: Unfortunately no, at this time, there are no stateful firewall or antivirus capabilities.

Q: Is MAC-address filtereing possible in V7?

A: Yes, it is possible. You can achieve this by navigating: Network > Wireless > Edit Interface > MAC-Filter

Q: Will this secure boot is a problem for custome FW using SDK

A: Secure Boot makes sure that only the authorized manufacturer firmware will be booted on the device and this firmware can not be altered or modified. It is not possible to run custom FM on the device with Secure Boot feature.

Q: Do you mean I can not modify FW using SDK ?

A: FW modifications using SDK is still available, but it is not possible to run modified FW on the devices with Secure Boot functionality. Modified FW is possible to run on devices without Secure Boot feature.

Q: By custom firmware do you ean alse build from your SDK?

A: Yes

Q: Which all devices are with S.Boot ?

A: Secure Boot feature is present only on RUT950 RUT950U072C0 and RUT955 RUT955T073B0.

Q: While secure boot, does hardware checks the codes of the built-in that they are safe and agreed code and are they checking the name of the file that are built-in program ?

A: Secure Boot requires specific hardware. Secure Boot is a verification mechanism to ensure that only trusted firmware will be launched on the device. Secure boot devices are equipped with hardware root of trust which contains the keys used for cryptographic functions and in that way it enables a secure boot process.

Q: So S. boot is default for all other x series devices by default but we can still use SDK and custom FW, is it ?

A: Secure Boot feature is present only on RUT950 RUT950U072C0 and RUT955 RUT955T073B0. Custom FW is possible to run on all other devices without Secure Boot feature.