Avaya P333R-LB Manual Do Utilizador
Chapter 14
Load Balancing in the P333R-LB
Avaya
P333R-LB User’s Guide
25
Firewall Load Balancing Management Security
In some scenarios, the P333R-LB may be placed outside of the protection of the
firewalls and be exposed to intrusion attempts through its L2 and L3 management
interfaces. This is especially true for Transparent and Bridging Load Balancing,
where the P333R-LB is placed outside the internal network. The intrusion attempts
might be either via Telnet (CLI) or SNMP/HTTP (Embedded Web manager).
The user can prevent attacks by implementing the following:
•
firewalls and be exposed to intrusion attempts through its L2 and L3 management
interfaces. This is especially true for Transparent and Bridging Load Balancing,
where the P333R-LB is placed outside the internal network. The intrusion attempts
might be either via Telnet (CLI) or SNMP/HTTP (Embedded Web manager).
The user can prevent attacks by implementing the following:
•
Change the L2 IP address of the stack agent to an IP address on a VLAN and
subnet not accessible to the Access Router that connects the device to the
outside world.
subnet not accessible to the Access Router that connects the device to the
outside world.
•
Configure Access Rules on the IP interfaces (L3) of the P333R-LB that is exposed
to the outside world, that will block Telnet, SNMP and HTTP traffic sent to
those interfaces as the final destination. This model can only be managed from
the LAN.
to the outside world, that will block Telnet, SNMP and HTTP traffic sent to
those interfaces as the final destination. This model can only be managed from
the LAN.