Presentation is loading. Please wait.

Presentation is loading. Please wait.

Haga clic para modificar el estilo de subtítulo del patrón © 2012 – Teldat GmbH – All rights reserved „Port Based Security“ – „Drop-In-Mode“ The ideal.

Similar presentations


Presentation on theme: "Haga clic para modificar el estilo de subtítulo del patrón © 2012 – Teldat GmbH – All rights reserved „Port Based Security“ – „Drop-In-Mode“ The ideal."— Presentation transcript:

1 Haga clic para modificar el estilo de subtítulo del patrón © 2012 – Teldat GmbH – All rights reserved „Port Based Security“ – „Drop-In-Mode“ The ideal solution for retail chains

2 © 2012 – Teldat GmbH – All rights reserved Port Based Security  One private IP subnet (= one IP broadcast domain) in each branch  Static IP addresses on the LAN (no DHCP)  Allow POS transactions to HQ  Customer card transactions via IP connected card machines  Mobile phone topup tranactions and lottery transactions  Remote maintance of the POS equipment  Remote maintance of other IP connected equipment in the branch by 3rd parties  The requirments of the „Payment Card Industry Data Security Standard (PCI)” must be met.  To fulfil these requirements, the network topology at the branch office LAN must be changed (IP subnetting / VLANs).  A change to the Network topology in hundreds or thousands of branches is both expensive and logistically prohibitive Situation: in the branch sites

3 © 2012 – Teldat GmbH – All rights reserved Port Based Security R1202 Switch IP-Subnet / „M2M/ Lottery/ etc“ „Card Terminal“ VPN-Gateway Problem: How can I prevent access between equipment without extensive modification of network topology? VPN „CRM“

4 © 2012 – Teldat GmbH – All rights reserved Port Based Security The Challange: ●Virtual separation of the network components WITHOUT removing equipment from the common IP subnet ●Although the network components are in a common IP broadcast domain ensure they CAN NOT DIRECTLY communicate with each other... ●......but to allow communication via the router, which can control the access between network components via its existing Layer 3 features (firewall, ACL)

5 © 2012 – Teldat GmbH – All rights reserved.1 Port Based Security "Drop-In Mode" - also known as "transparent mode" R1202 Switch IP-Subnet / „M2M/ Lottery/ etc“ „Card terminal“ VPN-Gateway „Drop-In-Router“ Solution: Access is via the "drop in" router with firewall / ACL rules „CRM“

6 © 2012 – Teldat GmbH – All rights reserved Port Based Security ●Physical separation of network components with the help of separate LAN ports on the router (optionally VLAN also possible) ●The IP broadcast domain extends above it to the entire Ethernet network ●Within each physical (virtual) “Zone“ the direct communication with each other continues to be permitted ●The „Drop-In-Router“ can now control all the traffic ●betweeen the „Zones“ („Intra-Domain-Routing“) ●Between the IP-Broadcast-Domain and other Networks the Layer-3 features control and regulate this The solution: "Drop-In Mode" - also known as "transparent mode"

7 © 2012 – Teldat GmbH – All rights reserved Port Based Security The advantages of the "drop-in mode" Solution  No complex changes to the network topology are required  Requests between the network components can reliably be controlled via the router security features (firewall, ACL)  No VLAN segmentation is required, however optionally VLAN is also possible.  Easy configuration in the branch router in just a few steps ( Go & Protect )  Ethernet port configuration is identical in all stores...  small number of branch-specific parameters...  Therefore little effort... in installation and maintenance  Compared to other solutions only ONE VPN tunnel to the central office required  Less administrative work  More Performance  Better stablity  Central site solution needs only minimul adjustment

8 © 2012 – Teldat GmbH – All rights reserved „Drop In Mode“ – Transparent Mode


Download ppt "Haga clic para modificar el estilo de subtítulo del patrón © 2012 – Teldat GmbH – All rights reserved „Port Based Security“ – „Drop-In-Mode“ The ideal."

Similar presentations


Ads by Google