Secure PX Intelligent Power Distribution Units

PDU Rack Level Security

The rapid growth of digital data has put immense pressure on data centers to evaluate their security initiatives. At Raritan, we make sure that security is top of mind when engineering our products. Our line of PX intelligent Rack PDUs are equipped with the latest network security protocols, the most diverse options for user authentication and management, and leverages best-in-class data encryption methods. Our Rack PDUs are continuously updated in order to provide the safest deployment experience while meeting the increased network security requirements in high-risk environments.

If a device is on a network, a set of security measures must be in place to protect the equipment, its data, and the network it is connected to.

Security Measures:

 

At Raritan, we take PDU rack-level security seriously given our 30+ years of pioneering experience in IT and data center management. We monitor US-CERT for reported security vulnerabilities to keep our customers secure, taking action to ensure the security within our products. To see all PX intelligent PDU innovations visit — http://www.raritan.com/products/power-distribution/intelligent-rack-pdus.

The PX intelligent PDU ensures that your power distribution remains reliable and secure, even in the most sensitive environments. Our PDUs are designed to provide unparalleled security for your data center and rack-level power distribution needs. Want to learn more? Read more about our rack PDUs here.


rack pdu encryption

Encryption: As rack PDUs are connected to management networks and even to the production networks, it is critical that all data sent or received by the PDUs is encrypted. We only enable secure encrypted communication by default — HTTPS and SSH. We use the strongest encryption in the industry as in:

  • HTTPS connections use TLS 1.2/ 1.3 with AES 128/ 256-bit ciphers supporting the widest range of browsers
  • SSH connections use public key authentication where password authentication is not adequate or feasible, like in scripts
  • SNMP v3 connections are encrypted with MD5/ SHA1/ SHA-224/ SHA-256/ SHA-384/ SHA-512 and encrypted with DES/ AES-128/ AES-192/ AES-256
  • StartTLS implementation ensures encrypted transport of user credentials from the PDU to the remote authentication server
  • Besides being a secure server, the PDU is also a secure client when dealing with remote authentication servers using TLS for OpenLDAP and active directory as well as CHAP for RADIUS communication

rack pdu password security

Password Policies: With all the security measures available and implemented, passwords remain the most critical component of security. We provide several ways to ensure passwords are strong and current.

  • Strong passwords require a minimum of eight characters with lower case, upper case, numerals and special characters while forbidding the past three passwords
  • Force password change ensures that the default password gets changed after the first-time login as default passwords are the easiest way for hackers to take control of connected devices
  • Password expiration ensures passwords getting refreshed periodically, preventing hackers from accessing the PDUs from any known security breaches

rack pdu firewall security

Firewall: Rack PDUs are accessed over the network for various reasons ranging from simple data collection to critical alert notifications, and even power control. With systems and users needing access from various segments of the corporate network, it is critical to keep unauthorized access completely out through the following means:

  • IP-Based Access Control Lists (IP ACL) rules determine whether to accept or discard traffic to/from the PDUs, based on the IP address of the host sending or receiving the traffic
  • Role-Based Access Control (RBAC) rules act like IP access control rules which allow access to PDUs based on the roles of individual users

rack pdu cyber attack defense

Defense in Depth: Rack PDUs play a critical role in managing the power infrastructure and servers, using the PDUs remote power control functionality. Therefore, it is essential to protect against network breaches. We have implemented several security measures that keep the rack PDUs one step ahead of these threats:

  • Blocking access after repeated failed login attempts to defend against potential Distributed Denial of Service (DDoS) attacks and logging the source of the attempts
  • Timing out inactive sessions to prevent unauthorized access
  • Limiting the use of the same login credential from multiple clients
  • Enforcing restricted service agreement warnings and requiring that users accept them to login
  • At startup, Secure Boot was implemented to ensure that the device only boots using the firmware trusted by Raritan, a brand of Legrand

rack pdu security certificates

Certificates: X.509 digital certificates ensure that both parties in a secure connection (TLS) are authorized users. As rack PDUs are increasingly accessed over public networks, having valid certificates protect against man-in-the-middle attacks. To make this process as efficient as possible, Raritan rack PDUs support two major types of certificates:

  • CA certificates using either RSA or ECDSA keys that are issued and signed by public certificated signing authorities after thorough verification of the user’s business; the PDU interface even generates the certificate signing request for submission to signing authorities such as Verisign, Digicert, and more
  • Self-signed certificates when a CA certificate is not deemed necessary; the PDU also provides an interface to generate a self-signed certificate
 
 

Ready to Learn More?

Schedule a Demo

Schedule a demo to learn more about our intelligent PDUs.

Schedule Today

Have a Question?

Our remote access pros can help.
 

Contact Us

Get the Power Catalog

Get all the information on our Rack PDUs, Transfer Switches, Sensors, and More!

Power Product Catalog