GarrettCom Ethernet Networks and Web Management User Manual

TLS – Transport Layer Security
TLS is a successor to SSL, using a wider variety of cryptographic algorithms for access security. It is
standardized by the Internet Engineering Task Force (IETF). It is a protocol that provides secure
communication over a TCP/IP connection such as the Internet. It uses digital certificates for
authentication and digital signatures to ensure message integrity, and can use public key cryptography
to ensure data privacy. A TLS service negotiates a secure session between two communicating
endpoints. TLS is built into recent versions of all major browsers and web servers. Although the TLS
and SSL protocols are not interoperable, TLS secure transport can fall back to SSL 3.0 if a TLS
session cannot be negotiated.
 
MAC Addressing 
Another aspect of network security blocks computers from accessing the network by
requiring the port to validate the Media Access Control (MAC) address against a known list of
approved MAC addresses. If there is insecure access on a secondary device connected to a switch,
these levels of control allow authorized users to continue to access the network while unauthorized
packets are dropped.
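
The per-port check described above, as an added example that is not taken from the manual or from GarrettCom software: a small Python model that reads the source MAC out of each Ethernet frame and admits it only if it is on that port's approved list. The class and function names, the port numbers and the locally administered sample addresses are all assumptions made for the illustration.

```python
import struct

def normalize_mac(text):
    """Parse 02:00:00:00:00:01, 02-00-00-00-00-01 or 0200.0000.0001 into 6 bytes."""
    digits = "".join(c for c in text if c not in ":-.")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

class PortMacFilter:
    """Per-port allow list; frames from unapproved source MACs are dropped."""

    def __init__(self, allowed_by_port):
        self.allowed = {port: {normalize_mac(m) for m in macs}
                        for port, macs in allowed_by_port.items()}
        self.dropped = []  # (port, source MAC) of each rejected frame

    def admit(self, port, frame):
        # Ethernet II header: 6-byte destination, 6-byte source, 2-byte EtherType.
        if len(frame) < 14:
            self.dropped.append((port, None))  # too short to carry a header
            return False
        src = frame[6:12]
        # A port with no configured list admits nothing (default deny).
        if src in self.allowed.get(port, set()):
            return True
        self.dropped.append((port, src.hex(":")))
        return False

def build_frame(dst, src, ethertype=0x0800, payload=b"\x00" * 46):
    """Constructed test frame; addresses are locally administered samples."""
    return normalize_mac(dst) + normalize_mac(src) + struct.pack("!H", ethertype) + payload

def demo():
    switch = PortMacFilter({1: ["02:00:00:00:00:01", "0200.0000.0002"]})
    gateway = "02:00:00:00:00:fe"
    frames = [
        (1, build_frame(gateway, "02:00:00:00:00:01")),  # approved
        (1, build_frame(gateway, "02-00-00-00-00-02")),  # approved, other notation
        (1, build_frame(gateway, "02:00:00:00:00:99")),  # not on the list
        (2, build_frame(gateway, "02:00:00:00:00:01")),  # port 2 has no list
        (1, b"\x02\x00"),                                # truncated frame
    ]
    return [switch.admit(port, frame) for port, frame in frames], switch.dropped

if __name__ == "__main__":
    print(demo())
```

The source address is whatever the sending device writes into the frame, so an allow list like this is normally combined with the 802.1x authentication mentioned under Remote Security.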
 
 
Remote Security 
The further afield the users who have a need to access an industrial network, the more critical it is that
the network design provide system-wide protection. Standards such as Remote Authentication Dial In
User Service (RADIUS 802.1x) and Terminal Access Controller Access Control System (TACACS+)
make user identity secure. For additional data security, Secure Shell (SSH) extends total system
security by shielding traffic running through the switch. Switch manufacturers assist in the support of
data security using these standards, but the implementation requires broader compliance than that
available at the individual switch.