Nodegrid Security Considerations

Nodegrid Security Considerations
ZPE Systems takes Security very seriously, and is committed to meeting and exceeding customers requirements and expectations.

The Nodegrid family of Open Infrastructure Management Solutions are based on an x86_64 Intel architecture, built on top of a Linux Kernel. Security Best Practices are applied the same way you would do so on standard servers.


Security Features

Security Packages

  • OpenSSL
  • OpenSSH
  • Apache

Key Features

  • X.509 SSH certificate support, 4096-bit encryption keys
  • Data Store Secure Erase
  • Removable and Shreddable Storage – Archive or destroy data when needed.
  • Selectable Cryptographic protocols for SSH and HTTPS (TLSv1.2, TLSv1.1, TLSv1)
  • Selectable cypher suite levels: high, medium, low, custom
  • Periodic Industry Standard Vulnerability Scans Check
  • Up-to-Date Linux Kernel
  • SSL VPN – Client and Server
  • IPsec with support for multi site
  • Built-in Trusted Platform Module (TPM) – integrity, identification, authentication, and encryption
  • Local, AD/LDAP, RADIUS, TACACS+, Kerberos authentication
  • Local, backup-user authentication support
  • User-access lists per port
  • Group/role-based authorization: AD/LDAP, RADIUS, TACACS+
  • Fine Grain authorization for port access, power access, appliance privilege
  • Firewall – IP packet and security filtering, IP forwarding support configurable
  • MD5 / SHA System Configuration Checksum
  • System event syslog
  • Custom security with secure default settings
  • Strong password enforcement
  • PXE Boot
  • Zero Touch Provisioning (IPv6/IPv6)

Security Events, Tracking and Notification

System Data Logging

  • All users interactions are recorded
  • Data stream is inspected and events are issued upon string match

AAA and System Events

  • Events are triggered on successful and failed logins
  • Start and stop session events are issued for every access

Event and Logging Destination

  • Local and Remote filesystem (NFS)
  • Syslog Messages with configurable facility level
  • SNMP Traps
  • Email/SMS

Login Banner

  • Warn users prior to login about legal policies
  • Assert consent for monitoring the session
  • Uniquely identify the system

Password Enforcement

  • Configure Password Complexity
  • Based on pam_cracklib, allows to enforce required number of
    lowercase and uppercase letters, digits and special characters
    as well as minimum password length

Fail2ban

  • System and application log messages are monitored
  • Temporary firewall rules are automatically added to block specific access based on malicious signs like too many password failures and exploit attempts

Need more Information on Nodegrid Security Features?

Schedule a call with a ZPE Open Infrastructure Management Solutions Specialist to discuss how Nodegrid can help keep your network protected.

Schedule a Call Today

Sign Up for the ZPE Newsletter



© 2013-2017 ZPE Systems, Inc.   •   All Rights Reserved.   •   Privacy Policy & Terms of Use   •   1-844-4ZPE-SYS (+1 844 497 3797) (Toll Free)