Web and Network Communications
|Virtual Private Networks|
Anyone designing a product that will be connected to the internet should be concerned about network security. Green Hills Networking products are pre-integrated with a wide range of security protocols. The broad range of choices makes it easy for the developer to determine the appropriate level of security necessary for their device and deploy it with virtually no impact to their schedules or time to market.
Green Hills Software offers a wide range of security products that are implementations of IETF standardized security protocols. They offer security services such as encryption, authentication, integrity check and replay protection. What protocol to use is determined by the type of application you want to protect.
VPN software enables a user to create a private connection over public networks. By using IPsec, the connection will also be secure, enabling transmission of confidential data over the Internet.
» IPsec - Internet Protocol
- Internet Protocol Security
Adding IPsec to an embedded system addresses these threats by using strong encryption, integrity, authentication and replay protection. IPsec has become the de facto standard for creating secure networks, and is supported by all major network vendors.
IPsec is designed for both IPv4 and IPv6 operation, and is optimized for deployment in embedded systems.
- Internet Key Exchange
Embedded IKE is an application which generates keys and distributes them securely. IKE stores the keys in a Security Association Database (SADB). IPSec then fetches the necessary keys from SADB when it needs to apply security to an IP packet. A security association contains the encryption keys to use, a specification of the IPSec protocols to apply, the lifetime of the SA, etc.
SSH - Secure Shell
SSL was invented by Netscape to include security in their products in order to make communication safe. SSL was originally intended for use with the HTTP protocol used by web servers and browsers but has since evolved to be an important component in all kinds of secure Internet communication.
SSL can be used to implement strong authentication, privacy, non-repudiation and integrity for customer specific client or server applications as well as interface to standard Internet applications.
Using SSL to secure your applications in your projects has the advantage that it is already included in all browsers which guarantees portability and ease-of-use for your customers since they can simply start their favorite browser in order to securely manage the system.
Supported functions and algorithms provided with SSL Crypto Library:
- Secure Embedded Web Server
Since the HTTP protocol does not contain any security features, the HTTPS protocol was invented. It introduces Secure Socket Layer (SSL) functionality in the communication between the Web Server and the browser. This eliminates the risk of most security breaches, and has now become the de facto standard for secure web communication.
The Secure Embedded Web Server has built-in support for SSL which is configurable, and can be removed to get minimum footprint. Secure Embedded Web Server features:
Secure Web Server features:
*SSL is supported in the optional SSL module
- Remote Authentication Dial In User Service
The Embedded RADIUS client is easy to use and to provides high performance when many logins are in progress. RADIUS is designed for embedded systems and is configurable and under complete control of the user application.
Feature and RFC Conformance for RADIUS:
Delivered in ANSI compliant ”C” source code