8/10/2019 RTN 950 V100R003C03 Security White Paper 02
1/37
OptiX RTN 950 Radio Transmission System
V100R003C03
Security White Paper
Issue 02
Date 2012-07-28
HUAWEI TECHNOLOGIES CO., LTD.
Issue 02 (2012-07-28) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
Copyright Huawei Technologies Co., Ltd. 2012. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.
Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: [email protected]
1 Product Introduction and Network Applications
1.2 Network Applications
The OptiX RTN 950 provides several types of service interfaces and facilitates installation and flexible configuration. It can provide a solution that is integrated with the TDM microwave, Hybrid microwave, and Packet microwave based on the network requirements. This solution supports a smooth upgrade from the TDM microwave to the Hybrid microwave, or from the Hybrid microwave to the Packet microwave. In addition, the solution can be evolved based on service changes due to radio mobile network evolution. Therefore, this solution can satisfy the transmission requirements of not only 2G and 3G networks, but also future LTE and 4G networks.
Figure 1-2 shows the microwave transmission solution that is provided by the OptiX RTN 950 for the mobile communication network.
Figure 1-2 Microwave transmission solution provided by the OptiX RTN 950
2 Security Architecture
2.1 Overview of Hardware Security
Figure 2-1 shows the system block diagram of the OptiX RTN 950. The system adopts a high-reliability hardware design to ensure that the system runs properly under security threats.
Figure 2-1 System block diagram
The following hardware preventive measures are provided:
- Microwave interfaces: The FEC encoding mode is adopted and the adaptive time-domain equalizer for baseband signals is used. This enables the microwave interfaces to tolerate strong interference. Therefore, an interceptor cannot restore the contents of a data frame if the coding details and service configurations are not obtained.
- Modular design: Control units are separated from service units, and service units are separated from each other. In this manner, a fault on any unit can be properly isolated, minimizing the impact of the fault on the other units in the system.
- CPU flow control: The data flow sent to the CPU for processing is classified and controlled to prevent the CPU from being attacked by a large number of packets. This ensures that the CPU operates properly under attack.
2.2 Overview of Software Security
Being positioned at the transport layer of a communications network, the OptiX RTN 950 provides high-capacity and high-reliability transparent transmission tunnels, and is almost invisible to end users. Therefore, the transmission tunnels are not easily exposed to external attacks. To better address security requirements, the following part describes the services provided by the OptiX RTN 950, on which the security design is based.
The OptiX RTN 950 processes two categories of data: O&M data and service data. The two categories are transmitted over independent paths and do not affect each other. Therefore, services on the OptiX RTN 950 are processed on two planes:
- Management plane
- Data plane
The management plane provides access to the required equipment and management functions, such as managing accounts and passwords, communication protocols, and alarm reporting. The management plane adopts the security architecture shown in Figure 2-2.
Figure 2-2 Security architecture on the management plane (layers, bottom up: hardware platform; VxWorks OS; TCP/IP protocol stack with TCP/IP attack prevention, ACL, OSPFv2 and NTPv3; security management with account and password management, security log, operation log, SSL 3.0/TLS 1.0, RADIUS, SNMPv3 and FTP/SFTP)
Security features on the management plane implement secure access, integrated security management, and all-round security audits. The Secure Sockets Layer (SSL) feature provides secure access to the required equipment. The Remote Authentication Dial-In User Service
(RADIUS) feature implements centralized security authentication for the equipment on the
entire network.
The data plane processes the service data flow entering the equipment and forwards service packets according to the forwarding table. Security features on the data plane ensure the confidentiality and integrity of user data by preventing malicious theft, modification, and removal of user service packets. They ensure stable and reliable operation of the forwarding plane by protecting forwarding entries against malicious attacks and falsification. The data plane provides:
- User service separation methods
- Access control methods
- Methods for controlling and managing the ingress and egress bandwidth of the equipment to ensure reliable operation, such as flow control and QoS
The data plane adopts the security architecture shown in Figure 2-3.
Figure 2-3 Security architecture on the data plane (hardware platform; product adapter/driver; VxWorks OS; service platform with access control, quality of service, flow control, protocol security and availability; service components, security components, protocol components and other components)
Figure 2-4 shows the principles of data separation on the management plane and the data plane.
Figure 2-4 Principles of data separation (overhead+payload mode: D bytes carry management data beside the payload over fiber or radio; VLAN+payload mode: a VLAN tag separates management data from the payload over fiber or radio)
The equipment supports two modes:
- In overhead+payload mode, data on the management plane is transmitted as D-byte overheads and data on the data plane is transmitted as payloads. Data is physically separated on the two planes.
- In VLAN+payload mode, data on the two planes is transmitted as service data, shares physical bandwidth, and is separated by VLAN technology. Data on the two planes uses different VLAN IDs.
Table 2-1 lists the security functions provided by the OptiX RTN 950.
Table 2-1 Security functions
Plane | Function | Description
Management plane | Account and password management | Manages and stores maintenance accounts.
Management plane | Local authentication and authorization | Authenticates and authorizes accounts.
Management plane | RADIUS authentication and authorization | Authenticates and authorizes remote accounts in a centralized manner to reduce maintenance costs.
Management plane | Security log | Records events related to account management.
Management plane | Operation log | Records non-query operations.
Management plane | TCP/IP attack defense | Provides defense against TCP/IP attacks, such as IP error packets, Internet Control Message Protocol (ICMP) ping attacks, Jolt attacks, and DoS attacks.
Management plane | Access control list | Provides access control lists based on IP addresses and port IDs.
Management plane | SSL/TLS encrypted communication | Uses the SSL 3.0 and TLS 1.0 protocols to establish an encrypted channel based on a security certificate.
Management plane | SFTP | Supports Secure File Transfer Protocol (SFTP) clients.
Management plane | Open Shortest Path First (OSPF) | Uses the OSPFv2 protocol for standard MD5 authentication.
Management plane | Network Time Protocol (NTP) | Uses the NTPv3 protocol for MD5 authentication and permission control.
Data plane | Flow control | Controls traffic at ports. Broadcast packets are suppressed. Unknown unicast packets and multicast packets are discarded. QoS is used to limit the service traffic.
Data plane | Discarding of incorrect packets | Discards incorrect packets, such as an Ethernet packet shorter than 46 bytes.
Data plane | Loop prevention | Detects self-loops at service ports, blocks self-looped ports, and detects Ethernet loops.
Data plane | Access control of Layer 2 services | Filters static MAC addresses in the static MAC address table, provides a blacklist, enables and disables the MAC address learning function, and filters packets based on complex traffic classification.
Data plane | Service separation | Includes Layer 2 logical separation, split horizon, and physical path separation.
3 System Security
3.1 Management Plane
3.1.1 Threats
The management plane of the OptiX RTN 950 supports O&M functionality. This functionality allows you to activate and maintain services, monitor network problems, and identify security risks. The threats to the management plane are leakage of accounts and passwords, and invalid access. An unauthorized user who obtains accounts and passwords and logs in can configure the system or modify services. In serious cases, service interruption or termination may occur.
The OptiX RTN 950 adopts the following measures to protect the management plane against the preceding threats:
- Strict account management and permission control
- Effective log management
- Private communication channels (described in chapter 4 "Network Security")
Account management and authorization prevent invalid accounts from accessing the equipment. Security logs and operation logs record the security and configuration events of the system, so users can check the logs at any time to identify security risks. Private communication channels prevent accounts and passwords from leaking. The following sections describe these security measures in detail.
3.1.2 Preventive Measures
Figure 3-1 shows the security management system provided by the OptiX RTN 950.
Figure 3-1 Security management system provided by the OptiX RTN 950 (Security Management splits into Account Management and Log Management. Account Management covers account and password management: account complexity, password complexity, valid period of password, password encryption policy, RADIUS account management, user group management; authorization: RADIUS authorization; and authentication: state of account, valid period of account, period of login, disabling of unused accounts, lock policy and security alarm, RADIUS authentication. Log Management covers the operation log: log integrity, log record, log overflow event; and the security log: log integrity, log record, log overflow event, log upload.)
Accounts and Passwords
Accounts of the OptiX RTN 950 are divided into five levels: system monitoring, system operation, system maintenance, system administration, and system super administrator. Accounts at the system monitoring level have the lowest rights and are authorized only to issue the query commands of the smallest function set. Accounts at the system super administrator level have the highest rights and are authorized to perform all operations of the system. Accounts at the system administration level are authorized to manage accounts, that is, to create, delete, modify, and query accounts. When creating an account, the administrator must specify information such as the user name, password, user level, and active period for this account. When a user first logs in with a new account, the system prompts the user to change the initial password.
The system supports default accounts. After the system starts up for the first time, a user needs to log in to the system by using a default account. Default accounts can be queried or deleted and their passwords can be modified by using the network management system (NMS). When a user logs in with a default account and a default password, the system prompts the user to change the password. Table 3-1 and Table 3-2 list the default accounts and passwords of the system.
Table 3-1 Default accounts and passwords in BIOS state
Account | Password | Group
szhw | nesoft | Super administrator
Table 3-2 Default accounts and passwords
Account | Password | Group
szhw | nesoft | Super administrator
root | password | Administrator
lct | password | Administrator
LCD | LCD | Administrator
Table 3-3 Rules for accounts and passwords
Rule | Description
Uniqueness of accounts | All accounts held in the same system are unique.
Complexity of accounts | An account consists of 4 to 16 characters, including letters in lower case and upper case.
Length of passwords | A password consists of 8 to 16 characters. To change a password, a user needs to enter the original password once and the new password twice.
Complexity of passwords | A new password consists of at least three of the following character types: lower case letters, upper case letters, numbers, and special characters. A new password must be different from the previous five passwords. A new password must be different from the account name, either in the normal written format or in the reversed written format. A new password must contain two or more characters different from those of the old password.
Active periods of passwords | After the active period expires, the password can be used for only three more logins. The default value is 0, which indicates that the password is valid permanently. A common user has a shortest active period of one day, after which the password can be changed.
Storage of passwords | Passwords are stored in the system as MD5 digests and cannot be queried.
Management of accounts | Accounts can be created, modified, deleted, and queried.
Query of online users | Users of the administrator group can query other online users.
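The account and password rules in Table 3-3 are concrete enough to be enforced mechanically. The following Python is an added example, not code from the white paper or from Huawei: the rule text is the paper's, while the function names, the data shapes, and the reading of "two or more characters different from those of the old password" as a position-by-position comparison are assumptions of this example.

```python
# Added example (not from the white paper): checker for the Table 3-3 rules.
# Function names, data shapes and the positional reading of the "two or more
# characters" rule are this example's own assumptions.
import string
from typing import List, Optional

ACCOUNT_MIN, ACCOUNT_MAX = 4, 16      # Table 3-3, complexity of accounts
PASSWORD_MIN, PASSWORD_MAX = 8, 16    # Table 3-3, length of passwords
HISTORY_DEPTH = 5                     # must differ from the previous five passwords


def check_account_name(name: str) -> List[str]:
    """Return the violated account-name rules (an empty list means the name is valid)."""
    problems = []
    if not ACCOUNT_MIN <= len(name) <= ACCOUNT_MAX:
        problems.append(f"account name must be {ACCOUNT_MIN} to {ACCOUNT_MAX} characters")
    return problems


def character_classes(pw: str) -> int:
    """Count the character types used out of: lower case, upper case, digits, special."""
    return sum([
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in string.punctuation for c in pw),
    ])


def positional_difference(a: str, b: str) -> int:
    """Positions at which two strings differ; any extra length counts as differing.
    (Assumed reading of 'two or more characters different from the old password'.)"""
    return sum(1 for x, y in zip(a, b) if x != y) + abs(len(a) - len(b))


def check_new_password(account: str, new_pw: str, old_pw: Optional[str],
                       history: List[str]) -> List[str]:
    """Apply the Table 3-3 password rules; return the list of violated rules."""
    problems = []
    if not PASSWORD_MIN <= len(new_pw) <= PASSWORD_MAX:
        problems.append(f"password must be {PASSWORD_MIN} to {PASSWORD_MAX} characters")
    if character_classes(new_pw) < 3:
        problems.append("password must use at least three character types")
    if new_pw in history[-HISTORY_DEPTH:]:
        problems.append("password must differ from the previous five passwords")
    if new_pw.lower() in (account.lower(), account[::-1].lower()):
        problems.append("password must not equal the account name or its reverse")
    if old_pw is not None and positional_difference(new_pw, old_pw) < 2:
        problems.append("password must differ from the old password in at least two characters")
    return problems


if __name__ == "__main__":
    # Constructed sample change request, not a real credential.
    print(check_new_password("maint", "Tr4nsp0rt!", "Old-pass9", ["Old-pass9"]))
```

The checker returns every violated rule rather than stopping at the first, which is what a user-facing password-change dialog needs; the history check compares only the last five entries, so a caller that keeps a longer history still gets the paper's rule.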
Authentication
Authentication is the process wherein the system checks whether accounts and passwords are valid. Terminals accessing the equipment through physical ports and protocol ports need to pass authentication before they are authorized to operate the equipment.
The equipment supports two authentication modes: local authentication and RADIUS authentication. In local authentication mode, accounts and passwords are saved on the equipment. The equipment uses the locally stored accounts to authenticate users in login attempts. In RADIUS authentication mode, accounts and passwords are saved on the RADIUS server. The equipment uses the RADIUS protocol to forward accounts and passwords to the RADIUS server, and the RADIUS server checks whether they are valid. In RADIUS authentication mode, the accounts and passwords of the equipment on the entire network are saved on the RADIUS server. These accounts and passwords can be easily maintained and have high security.
Local authentication
Table 3-4 lists the check items involved in local authentication.
Table 3-4 Check items involved in local authentication
Item | Description | Handling
Activation status of accounts | If an account is activated, the login request is accepted; if an account is deactivated, the login request is refused. | The user who is logged in to the system by using an administrator account can change the activation status of other accounts.
Active periods of accounts | An account can be used for logins within a specific period, namely, the active period. If the active period of an account expires, the login request is refused. | The user who is logged in to the system by using an administrator account can change the active periods of other accounts.
Active periods of passwords | The password of an account can be used for logins within a specific period, namely, the active period. After the active period of the password expires, the first three login requests are accepted but the later ones are refused. | The user who is logged in to the system by using an administrator account can change the active periods of the passwords of other accounts.
Login time of accounts | An account can be used for logins within a specific section of a day, namely, the login time. If an account is used beyond its login time, the login request is refused. | The user who is logged in to the system by using an administrator account can change the login time of other accounts.
Inactive time of accounts | An account is deactivated if a specific period elapses from the last login. This period is called the inactive time of accounts. If an account is deactivated, the login request is refused. | The user who is logged in to the system by using an administrator account can change the inactive time and enabled/disabled status of other accounts.
Locked accounts | If an account is locked, the login request is refused until the locking time expires. | After five login attempts using one account fail and the interval between two attempts is shorter than three minutes, the account is locked and cannot be unlocked manually. An alarm is reported at every login attempt from the sixth one onwards.
Automatic logout of accounts | If an account does not exchange data with the equipment for a specified time, the account is automatically logged out. The account must then be authorized again before logging in to the equipment. | The specified time for automatic logout is one hour, which cannot be changed by users.
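The lock rule in Table 3-4 (five failures on one account, each less than three minutes after the previous, lock the account; every attempt from the sixth one raises an alarm) is easier to reason about as a small state machine run over login events. The Python below is an added example, not the white paper's or Huawei's code: the paper does not state how long a lock lasts, so LOCK_SECONDS, the class and method names, and the constructed attempt sequences are assumptions of this example.

```python
# Added example (not from the white paper): a model of the account lock rule in
# Table 3-4. LOCK_SECONDS and all class/method names are this example's assumptions.
import datetime as dt
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

MAX_FAILURES = 5          # Table 3-4: five failed attempts lock the account
FAILURE_WINDOW = 180      # seconds: attempts count as one run if spaced < 3 minutes
LOCK_SECONDS = 15 * 60    # assumed lock duration; the paper does not state it


@dataclass
class AccountState:
    consecutive_failures: int = 0
    last_failure: Optional[dt.datetime] = None
    locked_until: Optional[dt.datetime] = None


@dataclass
class LoginGuard:
    accounts: Dict[str, AccountState] = field(default_factory=dict)
    alarms: List[str] = field(default_factory=list)

    def attempt(self, account: str, now: dt.datetime, password_ok: bool) -> str:
        """Evaluate one login attempt: 'accepted', 'refused' or 'locked'."""
        st = self.accounts.setdefault(account, AccountState())
        if st.locked_until is not None:
            if now < st.locked_until:
                # Every attempt from the sixth on is refused and raises a security
                # alarm, whether or not the password is right; no manual unlock.
                self.alarms.append(f"{now.isoformat()} {account}: attempt on locked account")
                return "locked"
            st = self.accounts[account] = AccountState()   # lock expired: start afresh
        if password_ok:
            st.consecutive_failures = 0
            return "accepted"
        # A failure extends the run only if it follows the previous failure closely.
        if st.last_failure is not None and (now - st.last_failure).total_seconds() < FAILURE_WINDOW:
            st.consecutive_failures += 1
        else:
            st.consecutive_failures = 1
        st.last_failure = now
        if st.consecutive_failures >= MAX_FAILURES:
            st.locked_until = now + dt.timedelta(seconds=LOCK_SECONDS)
        return "refused"


def simulate(events: List[Tuple[int, bool]], account: str = "maint") -> Tuple[List[str], int]:
    """Run constructed attempts (seconds after start, password_ok) through one guard;
    return the per-attempt decisions and the number of alarms raised."""
    guard = LoginGuard()
    t0 = dt.datetime(2012, 7, 28, 9, 0, 0)
    decisions = [guard.attempt(account, t0 + dt.timedelta(seconds=s), ok) for s, ok in events]
    return decisions, len(guard.alarms)


if __name__ == "__main__":
    # Constructed burst: five bad passwords 30 s apart, then the right one twice.
    print(simulate([(0, False), (30, False), (60, False), (90, False), (120, False),
                    (150, True), (200, True)]))
```

Two properties of the rule show up in the model: a correct password submitted while the lock is in force is still refused, and failures spaced more than three minutes apart never accumulate into a lock. Because the lock cannot be lifted manually, the alarm raised on every attempt from the sixth on is the signal an operator should be watching.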
RADIUS authentication
In RADIUS authentication mode, accounts and passwords are managed by the RADIUS server and only the accounts that pass the authentication can be used to log in to the equipment. The RADIUS authentication mode takes precedence over the local authentication mode. If the RADIUS server is unreachable, the local authentication mode is automatically used. Successful local authentication also requires valid accounts and passwords. When the number of consecutive authentication failures reaches a specified value, a security alarm is reported. In addition, the RADIUS protocol supported by the system complies with RFC 2856 and RFC 2866. Figure 3-2 and Figure 3-3 show the principle and process of RADIUS authentication.
Figure 3-2 Networking of RADIUS authentication (U2000 clients connect to the U2000 server; each device acts as a NAS towards a master RADIUS server and a slave RADIUS server)
Figure 3-3 Process of RADIUS authentication: (1) the U2000 server sends the login (username + password) to the NAS; (2) the NAS sends a RADIUS request to the RADIUS server; (3) the RADIUS server returns a RADIUS response; (4) the NAS reports login success or failure to the U2000 server.
Reliability is critical to a RADIUS server because accounts of equipment on the entire
network are managed and authenticated by the RADIUS server. The OptiX RTN 950 supports
master and slave RADIUS servers to ensure reliability of the external server.
Table 3-5 RADIUS functions
Function | Description
RADIUS authentication, authorization, and accounting | After the RADIUS function is enabled, accounts attempting to log in to an NE are forwarded to the RADIUS server. The RADIUS server determines whether these accounts can log in to the NE.
RADIUS authentication policy | The system prefers RADIUS authentication to local authentication.
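The four steps of Figure 3-3, together with the fallback to local authentication described above, can be followed end to end in code. The Python below is an added example, not the white paper's or Huawei's implementation: the packet layout, the User-Password hiding and the Response Authenticator follow RFC 2865 (the RADIUS specification), while the shared secret, the user tables, the identifier value and the "server reachable" flag are constructed for this example. The NAS side verifies the Response Authenticator before acting on a reply, which is the check that stops a forged Access-Accept from logging a user in.

```python
# Added example (not from the white paper): the RADIUS exchange of Figure 3-3 with
# local fallback. Secret, user tables and the reachable flag are constructed here.
import hashlib
import os
import struct
from typing import Dict, Optional

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2
SHARED_SECRET = b"example-shared-secret"                 # constructed, never reuse
RADIUS_USERS = {b"nms-operator": b"constructed-pw-1"}    # constructed server user table
LOCAL_USERS = {b"maint": b"constructed-local-pw"}        # constructed local fallback table


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 5.2: pad to a 16-byte multiple, then chain MD5(secret+prev) XOR blocks."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        block = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Inverse of hide_password; the zero padding is stripped."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out, prev = out + _xor(block, hashlib.md5(secret + prev).digest()), block
    return out.rstrip(b"\x00")


def attribute(kind: int, value: bytes) -> bytes:
    return struct.pack("!BB", kind, len(value) + 2) + value


def parse_attributes(data: bytes) -> Dict[int, bytes]:
    attrs, i = {}, 0
    while i < len(data):
        kind, length = struct.unpack("!BB", data[i:i + 2])
        attrs[kind] = data[i + 2:i + length]
        i += length
    return attrs


def build_access_request(ident: int, user: bytes, password: bytes):
    """NAS side (step 2): return the Access-Request and its Request Authenticator."""
    req_auth = os.urandom(16)
    attrs = attribute(ATTR_USER_NAME, user) + \
        attribute(ATTR_USER_PASSWORD, hide_password(password, SHARED_SECRET, req_auth))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs, req_auth


def server_respond(packet: bytes, users: Dict[bytes, bytes]) -> bytes:
    """RADIUS server side (step 3): check the credentials, answer Accept or Reject."""
    _, ident, length = struct.unpack("!BBH", packet[:4])
    req_auth = packet[4:20]
    attrs = parse_attributes(packet[20:length])
    password = reveal_password(attrs.get(ATTR_USER_PASSWORD, b""), SHARED_SECRET, req_auth)
    code = ACCESS_ACCEPT if users.get(attrs.get(ATTR_USER_NAME)) == password else ACCESS_REJECT
    header = struct.pack("!BBH", code, ident, 20)        # no attributes in the reply
    # Response Authenticator = MD5(Code + ID + Length + RequestAuth + Attributes + Secret)
    return header + hashlib.md5(header + req_auth + SHARED_SECRET).digest()


def check_reply(reply: bytes, req_auth: bytes, ident: int) -> Optional[int]:
    """NAS side: return the reply code only if identifier and authenticator verify."""
    code, rid, length = struct.unpack("!BBH", reply[:4])
    expected = hashlib.md5(reply[:4] + req_auth + reply[20:length] + SHARED_SECRET).digest()
    return code if rid == ident and reply[4:20] == expected else None


def nas_login(user: bytes, password: bytes, server_reachable: bool) -> str:
    """Whole flow from the NAS's view: RADIUS first, local only if the server is unreachable."""
    if not server_reachable:
        return "local-accept" if LOCAL_USERS.get(user) == password else "local-reject"
    packet, req_auth = build_access_request(7, user, password)
    code = check_reply(server_respond(packet, RADIUS_USERS), req_auth, 7)
    if code is None:
        return "radius-invalid-response"
    return "radius-accept" if code == ACCESS_ACCEPT else "radius-reject"
```

Note what the fallback means operationally: while the server is unreachable, the locally stored accounts decide, so the local table (including any default accounts from Table 3-2 that were never changed) is part of the attack surface even on a RADIUS-managed network.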
Authorization
Authorization is the process wherein the system assigns operation rights to valid accounts that have logged in.
Accounts are managed in groups. Table 3-6 lists the division and definition of the groups. Accounts of the administrator group and higher-level groups are authorized to perform all security management and maintenance operations. The system super administrator-level account has the highest rights and is available only for fault location. The operations that an account can perform depend on the rights granted to the user when the account is created. If an account is used to attempt any unauthorized operation, an error message is displayed and the attempt is logged.
Table 3-6 Groups of accounts
Group | Rights
System monitoring | This group has the lowest rights. The accounts of this group are authorized to issue query commands and modify their own attributes.
System operation | The accounts of this group are authorized to query the system information and perform some configuration operations.
System maintenance | The accounts of this group are authorized to perform all maintenance operations.
System administration | The accounts of this group are authorized to perform all query and configuration operations.
Super administration | The accounts of this group are authorized to perform all operations.
Log Management
Logs record the routine maintenance events of the equipment. Users can find security loopholes and risks by checking the logs. Considering security categories, the system provides security logs and operation logs. Security logs record operation events related to account management. Operation logs record all events related to system configuration.
Operation log
The operation log tracks the non-query operations performed by each account, including the account name, address of the client, time, operation, and result.
Table 3-7 Operation log
Operation | Description
Querying the operation log | Only authorized administrators or users with higher rights can upload and query the operation log.
Checking the integrity of the operation log | The system checks the integrity of the operation log and allows no manual changes.
Recovering the operation log | The operation log can be recovered even after a power cycle of the system.
Overwriting the operation log | The operation log keeps records in time sequence. After the memory is exhausted, the earliest records of the operation log are overwritten with the latest records. Once the memory is exhausted, a performance event is reported to prompt the user.
Security log
The security log tracks security-related configuration operations (including user management and security settings) and attempts at unauthorized operations. The security log provides information about the account name, address of the client, time, and operation.
Table 3-8 Security log
Operation | Description
Querying the security log | Only authorized administrators or users with higher rights can upload and query the security log.
Checking the integrity of the security log | The system checks the integrity of the security log and allows no manual changes.
Recovering the security log | The security log can be recovered even after a power cycle of the system.
Overwriting the security log | The security log keeps records in time sequence. After the memory is exhausted, the earliest records of the security log are overwritten with the latest records. Once the memory is exhausted, a performance event is reported to prompt the user.
3.2 Data Plane
The data plane of the OptiX RTN 950 transparently transmits services based on Layer 2 information, such as VLAN tags and MAC addresses. The boards of the equipment do not listen to user services.
The OptiX RTN 950 handles the threats of flow bursts, malicious packets, and data theft through access control, flow control, loop detection and avoidance, protocol security guarantees, and service separation. Section 4.3 "Network Services" describes these mechanisms in detail.
4 Network Security
4.1 Network Security Management
Figure 4-1 shows the implementation mechanism of security management for a network.
Figure 4-1 Implementation of security management (the NMS on the external DCN reaches the transport network's internal DCN through a firewall, an SSL channel, and ACLs)
4.1.1 Threats
According to the network topology, a data communication network (DCN) consists of an external DCN and an internal DCN. The external DCN refers to the network from the NMS to the gateway equipment; it is generally an IP network that is built or leased by a customer, or the Internet. The internal DCN refers to the self-organizing network of the equipment. The IP protocol has been widely developed and applied because it is simple and open. However, an IP network has poor security and can be easily attacked. The security threats brought by the external DCN to internal equipment are invalid access, network attacks, and theft and modification of private data. To counter such threats, the OptiX RTN 950 provides the following preventive measures:
- Access control
- TCP/IP attack prevention
- Encrypted channel for access
- Secure communication protocols
4.1.2 Preventive Measures
Access Control
The OptiX RTN 950 provides Access Control Lists (ACLs). Users set IP addresses and communication ports in whitelists and blacklists to limit data from specific IP addresses and to filter data from specific communication ports. The ACL function protects the equipment from network attacks by controlling the data of access requests from unauthorized IP addresses and communication ports.
Table 4-1 Classification of ACLs
Item | Value Range | Feature
Basic ACL | 0 to 0xFFFFFFFF | Rules are defined based on the source IP address.
Advanced ACL | 0 to 0xFFFFFFFF | Rules are defined based on the source IP address of a data packet, the destination IP address of a data packet, the protocol type of the IP bearer network, and protocol features. The protocol features include the source port of the TCP protocol, the destination port of the TCP protocol, and the ICMP protocol type.
Table 4-2 ACL parameters
Parameter | Value Range | Description
ACL operation type | Permit and deny | Indicates the ACL operation type. Deny: if a received message does not comply with a rule in an ACL, the message is discarded. Permit: if a received message complies with a rule in an ACL, the message is accepted.
Source IP address | Source IP address | The source IP address and the source wildcard together determine the addresses to which an access control rule applies.
Source wildcard | 0 to 0xFFFFFFFF | The value 0 represents a bit that must be exactly matched and the value 1 represents a bit that is ignored.
Sink IP address | Sink IP address | The destination IP address and the sink wildcard together determine the addresses to which an access control rule applies.
Sink wildcard | 0 to 0xFFFFFFFF | The value 0 represents a bit that must be exactly matched and the value 1 represents a bit that is ignored.
Protocol type | TCP, UDP, ICMP, and IP | Set this parameter to UDP or TCP when filtering packets at a UDP or TCP port. Set this parameter to ICMP when filtering packets by ICMP protocol type and code type. The value IP indicates that the protocol type is not concerned.
Source port | 0 to 65535, or 0xFFFFFFFF; 0xFFFFFFFF indicates that this parameter is not concerned. | This parameter is available only when Protocol type is set to TCP or UDP.
Sink port | 0 to 65535, or 0xFFFFFFFF; 0xFFFFFFFF indicates that this parameter is not concerned. | This parameter is available only when Protocol type is set to TCP or UDP.
ICMP protocol type | ICMP protocol type | This parameter is available only when Protocol type is set to ICMP. The value 255 indicates that this parameter is not concerned.
ICMP code type | ICMP code type | This parameter is available only when Protocol type is set to ICMP. The value 255 indicates that this parameter is not concerned.
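The parameter conventions in Tables 4-1 and 4-2 (a wildcard bit of 0 means "must match" and 1 means "ignored"; port 0xFFFFFFFF and ICMP type/code 255 mean "not concerned"; protocol IP means "any protocol") are enough to write an evaluator and test a rule set against sample packets before it goes on a gateway NE. The Python below is an added example, not code from the white paper or from Huawei: the Rule and Packet classes, the first-match-wins ordering, the deny-by-default result when nothing matches, and the constructed addresses are assumptions of this example. A basic ACL from Table 4-1 is the special case of a rule with sink wildcard 0xFFFFFFFF and protocol IP.

```python
# Added example (not from the white paper): evaluator for ACL rules using the
# Table 4-2 conventions. Classes, rule order and default action are assumptions.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

ANY_PORT = 0xFFFFFFFF     # Table 4-2: port "not concerned"
ANY_ICMP = 255            # Table 4-2: ICMP type/code "not concerned"


@dataclass
class Rule:
    action: str               # "permit" or "deny"
    src_ip: str
    src_wildcard: int         # 0 bit = must match, 1 bit = ignored
    dst_ip: str
    dst_wildcard: int
    protocol: str = "ip"      # "tcp", "udp", "icmp" or "ip" (protocol not concerned)
    src_port: int = ANY_PORT
    dst_port: int = ANY_PORT
    icmp_type: int = ANY_ICMP
    icmp_code: int = ANY_ICMP


@dataclass
class Packet:
    src_ip: str
    dst_ip: str
    protocol: str
    src_port: Optional[int] = None
    dst_port: Optional[int] = None
    icmp_type: Optional[int] = None
    icmp_code: Optional[int] = None


def address_matches(rule_ip: str, wildcard: int, pkt_ip: str) -> bool:
    """Compare only the address bits whose wildcard bit is 0."""
    a = int(ipaddress.IPv4Address(rule_ip))
    b = int(ipaddress.IPv4Address(pkt_ip))
    return ((a ^ b) & ~wildcard & 0xFFFFFFFF) == 0


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if not address_matches(rule.src_ip, rule.src_wildcard, pkt.src_ip):
        return False
    if not address_matches(rule.dst_ip, rule.dst_wildcard, pkt.dst_ip):
        return False
    if rule.protocol == "ip":
        return True                        # protocol not concerned
    if rule.protocol != pkt.protocol:
        return False
    if rule.protocol in ("tcp", "udp"):    # ports apply only to TCP/UDP rules
        if rule.src_port != ANY_PORT and rule.src_port != pkt.src_port:
            return False
        if rule.dst_port != ANY_PORT and rule.dst_port != pkt.dst_port:
            return False
    elif rule.protocol == "icmp":          # type/code apply only to ICMP rules
        if rule.icmp_type != ANY_ICMP and rule.icmp_type != pkt.icmp_type:
            return False
        if rule.icmp_code != ANY_ICMP and rule.icmp_code != pkt.icmp_code:
            return False
    return True


def evaluate(acl: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First matching rule decides; with no match the (assumed) default applies."""
    for rule in acl:
        if rule_matches(rule, pkt):
            return rule.action
    return default


# Constructed sample ACL for a gateway NE at 10.9.0.1: refuse ICMP echo requests
# (type 8) from anywhere, allow SFTP (TCP/22) and other ICMP from the NMS subnet
# 10.1.0.0/16 (wildcard 0x0000FFFF), and deny everything else by default.
GATEWAY_ACL = [
    Rule("deny", "0.0.0.0", 0xFFFFFFFF, "10.9.0.1", 0, protocol="icmp", icmp_type=8),
    Rule("permit", "10.1.0.0", 0x0000FFFF, "10.9.0.1", 0, protocol="tcp", dst_port=22),
    Rule("permit", "10.1.0.0", 0x0000FFFF, "10.9.0.1", 0, protocol="icmp"),
]

if __name__ == "__main__":
    print(evaluate(GATEWAY_ACL, Packet("10.1.5.7", "10.9.0.1", "tcp", 40000, 22)))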
TCP/IP Attack Prevention
Gateway equipment may come under external attack because it is directly connected to an external DCN. The TCP/IP protocol stack needs to protect the equipment from attacks so that services are transmitted normally by the equipment under attack. The equipment is therefore more secure and reliable.
Table 4-3 lists the attacks that the equipment can currently prevent.
Table 4-3 TCP/IP attacks

| Attack | Protocol | Attack Mode | Preventive Measure |
|---|---|---|---|
| Address spoofing attack | ARP | IP address conflict | If the IP address of an external device conflicts with that of the equipment, the equipment sends a gratuitous ARP packet to broadcast the correct MAC address. |
| Address spoofing attack | IP | IP address configuration conflict | Before making an IP address take effect, the equipment checks whether the IP address is already in use. If it is, the equipment does not make the IP address take effect. |
| Message spoofing attack | IP | IP option attack | Prevents attacks that use ICMP, TCP, or UDP messages carrying incorrect IP options. |
| Message spoofing attack | IP | Defective IP header attack | Prevents attacks that use extremely short IP headers, defective IP headers, special source IP addresses, and IP headers with unknown protocols. |
| Message spoofing attack | IP | IP fragment attack | Prevents IP fragment attacks such as massive segments, huge offsets, repeated segments, TearDrop, Bonk, SynDrop, NewTear, Nesta, Rose, and Fawx. |
| Message spoofing attack | TCP | TCP flag bit traversal | Prevents TCP flag bit traversal such as packets without flags, FIN bit without ACK bit, packets with the URG/OOB flag, and SYN and FIN bits set together. |
| Message spoofing attack | ICMP | Defective ICMP packet | Prevents ping attacks and Jolt attacks. |
| Flood attack | IP | IP non-payload flood attack | Prevents IP packet attacks and generates an alarm indicating an IP address attack without affecting the normal operation of the equipment. |
| Flood attack | UDP | UDP flood attack | Prevents fraggle attacks and diagnoses port flooding, port 0 flooding, and loop flooding. |
| Flood attack | ICMP | ICMP flood attack | Prevents ICMP flood attacks, Smurf attacks, ping flood attacks, loop ping flood attacks, time stamp request flood attacks, mask request flood attacks, and router request flood attacks. |
| DoS attack | TCP | Syn flood attack | Prevents Syn flood attacks without affecting the normal operation of the equipment. |
| DoS attack | TCP | Land attack | Prevents land attacks without affecting the normal operation of the equipment. |
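The header checks behind several rows of Table 4-3 (defective IP header, huge fragment offset, TCP flag bit traversal, land attack), written as an added example for this page rather than taken from the equipment's protocol stack. The packet structure, the set of protocols treated as known, and the sample packets are constructed; the example reports every anomaly found so a defender can see which rule a packet tripped.

```python
"""Detection of several malformed TCP/IP packets listed in Table 4-3.
Added example with illustrative checks; not the equipment's protocol stack.
Packets are described by a dataclass of already-parsed header fields, and
the SAMPLES dictionary holds constructed packets.
"""
import ipaddress
from dataclasses import dataclass

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
KNOWN_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}   # what this stack handles
MAX_DATAGRAM = 65535


@dataclass(frozen=True)
class IpPacket:
    src: str
    dst: str
    ihl: int            # header length in 32-bit words (valid: 5..15)
    proto: int
    frag_offset: int    # in 8-byte units
    payload_len: int
    src_port: int = 0
    dst_port: int = 0
    tcp_flags: int = 0


def check_ip_header(p: IpPacket) -> list:
    """Defective IP header: too short, special source address, unknown protocol."""
    issues = []
    if p.ihl < 5:
        issues.append("ip-header-too-short")
    src = ipaddress.IPv4Address(p.src)
    if src.is_loopback or src.is_multicast or src.packed == b"\xff\xff\xff\xff":
        issues.append("special-source-address")
    if p.proto not in KNOWN_PROTOCOLS:
        issues.append("unknown-protocol")
    return issues


def check_fragment(p: IpPacket) -> list:
    """Huge offset: the fragment would end beyond the 64 KiB datagram limit."""
    end = p.frag_offset * 8 + p.ihl * 4 + p.payload_len
    return ["fragment-huge-offset"] if end > MAX_DATAGRAM else []


def check_tcp_flags(flags: int) -> list:
    """TCP flag bit traversal patterns named in Table 4-3."""
    issues = []
    if flags == 0:
        issues.append("tcp-no-flags")
    if flags & FIN and not flags & ACK:
        issues.append("tcp-fin-without-ack")
    if flags & URG:
        issues.append("tcp-urg-oob")
    if flags & SYN and flags & FIN:
        issues.append("tcp-syn-and-fin")
    return issues


def check_land(p: IpPacket) -> list:
    """Land attack: source equals destination in both address and port."""
    return ["land"] if p.src == p.dst and p.src_port == p.dst_port else []


def classify(p: IpPacket) -> list:
    """Every anomaly found, in check order; an empty list means the packet passed."""
    issues = check_ip_header(p) + check_fragment(p)
    if KNOWN_PROTOCOLS.get(p.proto) == "TCP":
        issues += check_tcp_flags(p.tcp_flags) + check_land(p)
    return issues


# Constructed sample packets (header fields already parsed).
SAMPLES = {
    "normal-syn": IpPacket("192.0.2.10", "10.1.1.1", 5, 6, 0, 40, 40000, 443, SYN),
    "syn-fin": IpPacket("192.0.2.10", "10.1.1.1", 5, 6, 0, 40, 40000, 443, SYN | FIN),
    "land": IpPacket("10.1.1.1", "10.1.1.1", 5, 6, 0, 40, 443, 443, SYN),
    "huge-offset": IpPacket("192.0.2.10", "10.1.1.1", 5, 17, 8189, 100),
    "bad-header": IpPacket("127.0.0.1", "10.1.1.1", 4, 99, 0, 10),
}
```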
Security Access
Security access is the process wherein the OptiX RTN 950 uses secure communication channels or secure communication protocols for access to prevent security risks. The NMS can use SSL channels to access the equipment.
The NMS uses Ethernet ports or Operation, Administration, and Maintenance (OAM) ports to access the equipment. OAM ports provide local access. Ethernet ports provide remote access over the external DCN. Communication between the NMS and the GNE uses standard TCP/IP protocols. When the NMS accesses the equipment over the external DCN, the configuration data and account information of the NMS are transmitted over the external DCN. The communication channels used for access therefore use the SSL3.0 and TLS1.0 protocols to encrypt data and ensure secure transmission.
Figure: SSL access of the NMS (the NMS reaches the GNE on the transport network, that is, the internal DCN, through the external DCN and a firewall over an SSL channel).
Certificates are needed for establishing SSL and TLS encryption channels. The certificates are managed and issued by carriers. The OptiX RTN 950 loads and activates SSL certificates. The delivered equipment carries a default SSL certificate. It is recommended that the customer replace the default SSL certificate with its own SSL certificate. The equipment complies with RFC 2246 and supports the encryption algorithms specified in that standard, such as AES, DES, RC4, RC5, IDEA, SHA-1, and MD5.
The following part describes the working principles of SSL.
The SSL protocol provides enhanced encryption and decryption algorithms to ensure all security features except serviceability for communication, and the algorithms cannot be cracked in a short time. The SSL layer establishes an encryption channel on top of TCP to encrypt the data that passes through the SSL layer. The SSL protocol consists of the Handshake protocol and the Record protocol. The Handshake protocol is used for cipher key negotiation; most of its contents describe how to securely negotiate a cipher key between the two communicating parties. The Record protocol defines the data transmission format.
Transport Layer Security (TLS) is a security protocol similar to the SSL protocol. TLS1.0 is based on SSL3.0 and supports SSL3.0. Figure 4-3 shows the negotiation of the SSL protocol key.
Figure 4-3 Negotiation of the SSL/TLS key (message sequence between the NMS, acting as the client, and the equipment over the external DCN):
1. ClientHello (NMS)
2. ServerHello (equipment)
3. Certificate (equipment)
4. CertificateRequest (equipment)
5. ServerHelloDone (equipment)
6. Certificate (NMS)
7. ClientKeyExchange (NMS)
8. CertificateVerify (NMS)
9. ChangeCipherSpec (NMS)
10. Finished (NMS)
11. ChangeCipherSpec (equipment)
12. Finished (equipment)
4.2 Protocols and Control
4.2.1 Threats
On an internal DCN, standard protocols at the IP layer are used for communication between equipment. These protocols may also be used for interconnection with third-party equipment. In this case, the result calculated by the OptiX RTN 950 may be incorrect when the third-party equipment transmits incorrect information. When interconnected with third-party equipment, the OptiX RTN 950 takes the following preventive measures to ensure communication security:
- Adding protocol authentication and access control
- Adopting secure standard protocols
4.2.2 SFTP Clients
The OptiX RTN 950 provides an SFTP client based on SSH for software upgrades. In this application, the equipment serves as the client, and the SFTP server is deployed outside the equipment network and is provided by the carrier. Figure 4-4 shows the application of SFTP clients.
The SFTP authentication policy is determined by the SFTP server. The OptiX RTN 950 supports password authentication and key authentication. Password authentication is the process wherein an SFTP client uses a user name and password to log in to the SFTP server. Key authentication is the process wherein an SFTP client and SFTP server adopt the Rivest-Shamir-Adleman algorithm (RSA) for cryptographic authentication. A user needs to generate an RSA key on the equipment and upload the public key to the SFTP server before cryptographic authentication. The user can set the length of the RSA key from 2048 bits to 4096 bits.
The equipment uses passphrases to protect the private keys on an SFTP client for cryptographic authentication. When users generate key pairs, they need to set the passphrases.
The SFTP client of the OptiX RTN 950 is enabled before delivery. Users can disable or enable it using the NMS.
Figure 4-4 Application of SFTP clients (the NMS and the SFTP server sit on a LAN in the external DCN behind a firewall; the GNE and the NEs on the transport network, that is, the internal DCN, each run an SFTP client and reach the SFTP server over SSH).
Figure 4-5 shows the principles of SSH.
Figure 4-5 Protocol layers of SSH (the SSH client and the SSH server each consist of an application layer, an SSH protocol layer made up of the transmission protocol, the authentication protocol, and the session protocol, and a transmission layer; the two sides are joined by a TCP connection).
SSH protocols adopt a client/server architecture and consist of three layers: the transmission layer, the authentication layer, and the connection layer.
Transmission protocols
Transmission protocols are used to establish a secure encrypted channel between the SSH client and the SSH server. In this manner, the confidentiality of data that requires high security in transmission, such as authentication and data exchange, is protected.
The transmission layer provides origin authentication and integrity checking, and enables a client to authenticate a server.
The transmission protocols run on top of the TCP/IP connection. The well-known port number used by the SSH server is 22.
Authentication protocols
Authentication protocols run on top of the transmission protocols and process authentication requests.
Connection protocols
Connection protocols divide an encrypted channel into multiple logical channels for different applications. Connection protocols run on top of the authentication protocols and provide services such as sessions and execution of remote commands.
Negotiation of SSH is described as follows:
1. Connection establishment
Port 22 is listened on to establish TCP connections with SSH clients.
2. Version negotiation
The version of the SSH protocol is negotiated over the TCP connection. The OptiX RTN 950 supports SSHv2.
3. Algorithm negotiation
An SSH client and an SSH server support different collections of encryption algorithms, so they need to negotiate the algorithms when the SSH protocol is running. The algorithms that need to be negotiated are as follows:
- Key exchange algorithms: used for generating session keys.
- Encryption algorithms: used for encrypting data.
- Host public key algorithms: used for signing and authentication.
- MAC algorithms: used for integrity protection.
The SSH client and SSH server send each other the algorithm collections that they respectively support, and the result is the intersection of the algorithms supported by both parties.
4. Key exchange
The key exchange and encryption algorithms resulting from step 3 are used to negotiate the keys required for data communication.
5. User authentication
Password authentication and public key authentication are provided.
6. Service requests
The OptiX RTN 950 supports SFTP clients.
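Steps 2 and 3 of the negotiation above, as an added example that is not the OptiX RTN 950 implementation. It applies the selection rule of RFC 4253: within the intersection described above, the first algorithm in the client's list that the server also supports is chosen, so the client's preference order decides; the KEXINIT name-lists are constructed sample data.

```python
"""SSH version and algorithm negotiation (steps 2 and 3 above); an added
example, not the OptiX RTN 950 implementation. Selection follows RFC 4253:
per category, the first algorithm in the client's list that the server also
supports wins, so the intersection is ordered by client preference.
The name-lists below are constructed sample data.
"""

CATEGORIES = ("kex", "host_key", "encryption", "mac")

# Constructed KEXINIT name-lists (comma-separated, as they appear on the wire).
CLIENT_KEXINIT = {
    "kex": "curve25519-sha256,diffie-hellman-group14-sha256",
    "host_key": "rsa-sha2-256,ssh-rsa",
    "encryption": "aes128-ctr,aes256-ctr",
    "mac": "hmac-sha2-256,hmac-sha1",
}
SERVER_KEXINIT = {
    "kex": "diffie-hellman-group14-sha256,diffie-hellman-group1-sha1",
    "host_key": "ssh-rsa",
    "encryption": "aes256-ctr,aes128-ctr",
    "mac": "hmac-sha1",
}


class NegotiationError(Exception):
    """Raised when version or algorithm negotiation cannot succeed."""


def check_version(identification: str) -> str:
    """Step 2: parse 'SSH-protoversion-softwareversion' and require SSHv2.
    Returns the peer's software version string."""
    parts = identification.rstrip("\r\n").split("-", 2)
    if len(parts) != 3 or parts[0] != "SSH":
        raise NegotiationError("not an SSH identification string")
    if parts[1] not in ("2.0", "1.99"):   # "1.99" = peer also speaks v2 (RFC 4253)
        raise NegotiationError("SSHv2 required, peer offers " + parts[1])
    return parts[2]


def negotiate(client: dict, server: dict) -> dict:
    """Step 3: one algorithm per category, client order, server must support it."""
    chosen = {}
    for cat in CATEGORIES:
        supported = set(server[cat].split(","))
        for name in client[cat].split(","):
            if name in supported:
                chosen[cat] = name
                break
        else:
            raise NegotiationError("no common %s algorithm" % cat)
    return chosen


def negotiate_sample() -> dict:
    """Run the negotiation on the constructed sample lists."""
    return negotiate(CLIENT_KEXINIT, SERVER_KEXINIT)
```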
4.2.3 OSPF Protocol
The management plane uses the OSPF protocol to dynamically calculate routes on the entire network for network management. The OptiX RTN 950 supports OSPFv2 in compliance with RFC 2328. Besides the routing function, the equipment supports the following authentication types:
- Null authentication
The OSPF packets are not authenticated. That is, the OSPF protocol does not process authentication on packet reception.
- Simple password authentication
A "clear" 64-bit password is used for authentication. Simple password authentication guards against the equipment inadvertently joining the routing domain. The OptiX RTN 950s in the same OSPF domain must be configured with the same password for authentication.
- Cryptographic authentication
Cryptographic authentication uses MD5 to calculate a digest. Because the password used to calculate the digest is never sent over the network, protection is provided against passive attacks. When employing cryptographic authentication, the OptiX RTN 950s in the same OSPF domain must be configured with the same key for authentication.
The equipment uses null authentication by default. Users can configure authentication types as required.
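The simple-password and cryptographic authentication types described above, worked through on the wire format of RFC 2328 Appendix D, as an added example (not the equipment's OSPF implementation). The packet body, key and sequence numbers are constructed; the checksum is left at 0 to keep the example short.

```python
"""OSPFv2 authentication types above, worked through in code (RFC 2328
Appendix D); an added example, not the equipment's OSPF implementation.
Checksums are left at 0 to keep the example short (with cryptographic
authentication the checksum is not calculated anyway). The packet body,
key and sequence numbers are constructed sample data; `last_seq` stands
for the per-neighbour sequence number a router keeps for replay protection.
"""
import hashlib
import hmac
import struct

AUTH_NULL, AUTH_SIMPLE, AUTH_CRYPTO = 0, 1, 2
# version, type, length, router id, area id, checksum, autype, authentication
OSPF_HDR = struct.Struct("!BBHIIHH8s")
SAMPLE_BODY = b"\x01\x02\x03\x04"          # stands in for a Hello body
SAMPLE_KEYS = {1: b"s3cret"}               # key id -> shared key


def build_header(ptype, body_len, router_id, area, autype, auth):
    return OSPF_HDR.pack(2, ptype, OSPF_HDR.size + body_len, router_id, area, 0, autype, auth)


def simple_password_packet(body, router_id, area, password: bytes) -> bytes:
    """Type 1: the 64-bit password travels in the clear in the Authentication field."""
    return build_header(1, len(body), router_id, area, AUTH_SIMPLE, password[:8].ljust(8, b"\0")) + body


def crypto_packet(body, router_id, area, key_id, seq, key: bytes) -> bytes:
    """Type 2: the Authentication field carries 0, key id, digest length and a
    sequence number; MD5(packet || key padded to 16 bytes) is appended after
    the packet, so the key itself never goes on the wire."""
    auth = struct.pack("!HBBI", 0, key_id, 16, seq)
    packet = build_header(1, len(body), router_id, area, AUTH_CRYPTO, auth) + body
    return packet + hashlib.md5(packet + key.ljust(16, b"\0")).digest()


def verify_crypto(wire: bytes, keys: dict, last_seq: int):
    """Return (accepted, new_last_seq). Rejects unknown key ids, a wrong key,
    a tampered packet and a sequence number older than the last accepted one."""
    if len(wire) < OSPF_HDR.size + 16:
        return False, last_seq
    fields = OSPF_HDR.unpack_from(wire)
    pkt_len, autype, auth = fields[2], fields[6], fields[7]
    if autype != AUTH_CRYPTO or len(wire) != pkt_len + 16:
        return False, last_seq
    _, key_id, digest_len, seq = struct.unpack("!HBBI", auth)
    key = keys.get(key_id)
    if key is None or digest_len != 16 or seq < last_seq:
        return False, last_seq
    expected = hashlib.md5(wire[:pkt_len] + key.ljust(16, b"\0")).digest()
    if not hmac.compare_digest(expected, wire[pkt_len:]):
        return False, last_seq
    return True, seq
```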
4.2.4 NTP Protocol
Network Time Protocol (NTP) is used to synchronize time between NEs. Possible security loopholes in NTP result in time disturbance on the network. To enhance the security of NTP, the NTP protocol provides an authentication function and access control of local services.
The NTP authentication function verifies the validity and integrity of NTP packets. This function protects the equipment from incorrect packets and ensures that packets are exchanged only with valid servers.
Access control of local services enables the system administrator to better control the NTP protocol. This function prevents malicious query and modification of the NTP information on the equipment. Users have different rights as follows:
- Query: Users are authorized to query local NTP services.
- Synchronize: Users are authorized to use the local clock as the synchronization source for other hosts.
- Server: a combination of the rights above.
- Peer: Users have full control rights to query, be synchronized, and synchronize other hosts.
NTP uses MD5 to check whether clients and servers are valid. If a client and server adopt authentication, the keys configured on both parties must be the same and be reliable. Table 4-4 shows the authentication relationship.
Table 4-4 Authentication relationship

| Server | Client | Authentication |
|---|---|---|
| Enabled | Enabled | Pass |
| Enabled | Disabled | Pass |
| Disabled | Disabled | Pass |
| Disabled | Enabled | Not pass |
NTP complies with RFC 1305. Figure 4-6 shows the working principles of NTP time synchronization.
Figure 4-6 Principles of NTP time synchronization
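The authentication relationship of Table 4-4 reproduced in code, as an added example that is not the equipment's NTP implementation. It assumes the RFC 1305 authenticator layout (a 32-bit key identifier followed by the MD5 of key || header) and that a client with authentication enabled rejects any reply without a valid MAC; the header contents and key are constructed.

```python
"""The NTP authentication relationship of Table 4-4 worked through in
code; an added example, not the equipment's NTP implementation. The
authenticator format is the RFC 1305 one: a 32-bit key identifier followed
by the 128-bit MD5 of key || 48-byte header. Packet contents and the key
are constructed sample data.
"""
import hashlib
import hmac
import struct

NTP_HEADER_LEN = 48
SAMPLE_KEY_ID, SAMPLE_KEY = 1, b"ntp-shared-key"


def sample_header(mode: int) -> bytes:
    """Constructed NTPv3 header: LI=0, VN=3, the given mode, all other fields zero."""
    return bytes([(3 << 3) | mode]) + b"\0" * (NTP_HEADER_LEN - 1)


def append_mac(packet: bytes, key_id: int, key: bytes) -> bytes:
    return packet + struct.pack("!I", key_id) + hashlib.md5(key + packet).digest()


def verify_mac(wire: bytes, keys: dict) -> bool:
    """True only if a MAC is present, its key id is configured and the digest matches."""
    if len(wire) != NTP_HEADER_LEN + 20:
        return False
    header, trailer = wire[:NTP_HEADER_LEN], wire[NTP_HEADER_LEN:]
    key = keys.get(struct.unpack("!I", trailer[:4])[0])
    if key is None:
        return False
    return hmac.compare_digest(hashlib.md5(key + header).digest(), trailer[4:])


def server_reply(server_auth: bool, key_id: int, key: bytes) -> bytes:
    """A server with authentication enabled appends a MAC to its reply (mode 4)."""
    reply = sample_header(mode=4)
    return append_mac(reply, key_id, key) if server_auth else reply


def client_accepts(client_auth: bool, reply: bytes, keys: dict) -> bool:
    """With authentication disabled a client takes any reply; with it enabled
    it takes only a reply carrying a valid MAC under a key it holds."""
    return verify_mac(reply, keys) if client_auth else True


def authentication_result(server_auth: bool, client_auth: bool) -> str:
    """Reproduce one row of Table 4-4 for the sample key."""
    reply = server_reply(server_auth, SAMPLE_KEY_ID, SAMPLE_KEY)
    return "Pass" if client_accepts(client_auth, reply, {SAMPLE_KEY_ID: SAMPLE_KEY}) else "Not pass"
```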
Table 4-5 Packet verification rules for Layer 2 protocols

| Protocol | Verification Rule |
|---|---|
| IGMP | An IGMP packet is discarded when any of the following conditions is met: the checksum of the IP header and the checksum of the IGMP message are incorrect; the TTL value of the IP header is not 1; the source IP address is an invalid unicast address; the multicast IP address is invalid, that is, not in the multicast IP address range 224.0.1.0 to 239.255.255.255; the destination IP address does not match the destination MAC address. |
| BPDU | DMAC = 01-80-c2-00-00-00 or 01-80-c2-00-00-08. Each protocol packet is verified according to the corresponding protocol. |
| LACP | DMAC = 01-80-c2-00-00-02, EthType = 0x8809, EthSubType = 0x01. Each TLV is verified according to the corresponding protocol. |
| Eth-OAM (802.1ag) | DMAC = 01-80-c2-00-00-02, EthType = 0x8809, EthSubType = 0x01. Each TLV is verified according to the corresponding protocol. |
| Eth-OAM (802.3ah) | EthType = 0x8809 (private) or 0x8902 (IEEE 802.1ag standard). Each protocol packet is verified according to the corresponding protocol. |
| ERPS | DMAC = 01-19-A7-00-00-01. Each protocol packet is verified according to the corresponding protocol. |
Robust Measures
Countermeasures under abnormal conditions are as follows:
- According to ITU-T G.8032, R-APS packets are transmitted within an Ethernet ring, and R-APS packets at ports not on the ring are not extracted or processed, so the robustness of ring network protocols is improved.
4.3 Network Services
4.3.1 Threats
As described previously, data services are under the following threats:
and a network may be congested when flow bursts occur. Flow control can prevent such scenarios and ensure secure and stable operation of the network.
- Suppressing broadcast flow
  - Broadcast storm suppression: The broadcast flow is limited and the flow that exceeds the limit is discarded.
  - Broadcast storm suppression enabled per port: After broadcast storm suppression is enabled at a port, the broadcast flow at the port is discarded when it exceeds the broadcast flow suppression threshold. The default threshold is 30%.
  - Setting of the broadcast flow suppression threshold: The threshold specifies the broadcast flow that a port allows. When the actual broadcast flow exceeds the threshold, the excess broadcast flow is discarded to keep the proportion of broadcast flow within a proper range. This prevents a broadcast storm and network congestion so that network services can run normally.
- Discarding unknown unicast packets
Unknown unicast packets can be discarded or forwarded.
- Discarding unknown multicast packets
Unknown multicast packets can be discarded or forwarded.
- Monitoring port flow
The flow at a port is monitored. When packets are received at a rate faster than the specified threshold, a flow threshold-crossing alarm is reported, prompting the user to take preventive measures.
- Limiting service flow using QoS
Figure 4-7 QoS network model
The QoS function of the equipment can be implemented in DiffServ mode. A network is divided into several DiffServ domains (DS domains for short). A DS edge node classifies the flow entering a DS domain and marks the flow of different service types with different PHBs. The PHB information is forwarded to all nodes in the DS domain. The nodes in the DS domain then perform flow control on the services based on the PHBs. The flow control measures include CAR, flow shaping, and queue scheduling.
Loop Prevention
If a loop is generated on a Layer 2 switching network, packets will be duplicated and cycled in the loop, and therefore a broadcast storm occurs. In this case, all available bandwidth
resources will be occupied by the broadcast storm and the network will be unavailable. The
OptiX RTN 950 prevents network loops mainly by the following means:
- Detection of self-loops at service ports
The equipment can detect whether a service port is self-looped by transmitting and receiving protocol packets.
- Blocking of self-looped ports
After self-loop detection and blocking of self-looped ports are enabled, a port is blocked to prevent a broadcast storm when the port is self-looped.
- Detection of Ethernet loopbacks
By specifying Ethernet service IDs and logical ports, users can detect service loops and set whether loops are disconnected automatically. If a service loop is detected and automatic disconnection is enabled, the Ethernet VLAN service is automatically disconnected. Users receive alarms of service disconnection.
Figure: Scenario of a service loop
NOTE
This function is only supported by packet service boards.
Discarding of Incorrect Packets
Incorrect packets include packets with missing fields, disordered packets, duplicated packets, and excessively large or small packets. Incorrect packets may be forged by malicious users, caused by bit errors on the transmission line, or caused by abnormal processing of the equipment hardware. Processing incorrect packets brings extra load to the equipment and reduces the bandwidth available for normal services. Therefore, incorrect packets must be identified and discarded.
The following incorrect packets are discarded:
- A packet whose source MAC address and destination MAC address are the same
- A packet whose size is smaller than 46 bytes
- A packet whose size is greater than the maximum transmission unit (MTU)
- An excessively large packet whose DATA is greater than 65535 bytes
- A packet whose FCS (CRC) is incorrect
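The incorrect-packet rules listed above and the IGMP verification rules of Table 4-5 applied to a raw frame, as one added example written for this page (not the packet service board's implementation). It assumes untagged IPv4 frames carrying their 4-byte FCS, checks the Ethernet rules (same source and destination MAC, payload below 46 bytes, payload above the MTU, bad FCS) and then the IGMP rules exactly as the table states them; the IGMP frame builder produces constructed sample input.

```python
"""Frame checks from Table 4-5 (IGMP rules) and from the list of incorrect
packets above, as one added example; these are illustrative checks written
for this page, not the packet service board's implementation. A frame is
raw bytes including its 4-byte FCS; untagged IPv4 is assumed and the
IGMP frame builder produces constructed sample input.
"""
import ipaddress
import struct
import zlib

ETH_HDR, FCS_LEN, MIN_PAYLOAD, MTU, PROTO_IGMP = 14, 4, 46, 1500, 2
MCAST_LOW = ipaddress.IPv4Address("224.0.1.0")
MCAST_HIGH = ipaddress.IPv4Address("239.255.255.255")


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum; returns 0 for a correctly checksummed block."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mcast_mac(group: bytes) -> bytes:
    """IPv4 multicast MAC: 01-00-5e followed by the low 23 bits of the group."""
    return b"\x01\x00\x5e" + bytes([group[1] & 0x7F, group[2], group[3]])


def check_ethernet(frame: bytes) -> list:
    """Incorrect-packet rules: same src/dst MAC, too small, above MTU, bad FCS."""
    if len(frame) < ETH_HDR + FCS_LEN:
        return ["runt"]
    issues = []
    payload_len = len(frame) - ETH_HDR - FCS_LEN
    if frame[:6] == frame[6:12]:
        issues.append("same-src-dst-mac")
    if payload_len < MIN_PAYLOAD:
        issues.append("smaller-than-46")
    if payload_len > MTU:
        issues.append("larger-than-mtu")
    if struct.unpack("<I", frame[-4:])[0] != zlib.crc32(frame[:-4]):
        issues.append("bad-fcs")
    return issues


def check_igmp(frame: bytes) -> list:
    """Table 4-5 IGMP rules; every violated rule is reported."""
    ip = frame[ETH_HDR:-FCS_LEN]
    ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
    if ip[9] != PROTO_IGMP:
        return ["not-igmp"]
    issues = []
    if internet_checksum(ip[:ihl]) != 0:
        issues.append("bad-ip-checksum")
    if internet_checksum(ip[ihl:total_len]) != 0:
        issues.append("bad-igmp-checksum")
    if ip[8] != 1:
        issues.append("ttl-not-1")
    src, dst = ipaddress.IPv4Address(ip[12:16]), ipaddress.IPv4Address(ip[16:20])
    if src.is_multicast or src.is_unspecified or src.is_loopback or src.packed == b"\xff\xff\xff\xff":
        issues.append("invalid-unicast-source")
    if not MCAST_LOW <= dst <= MCAST_HIGH:       # range exactly as Table 4-5 states it
        issues.append("multicast-address-out-of-range")
    if frame[:6] != mcast_mac(dst.packed):
        issues.append("dst-ip-mac-mismatch")
    return issues


def build_igmp_frame(src_ip: str, group: str, ttl: int = 1,
                     src_mac: bytes = b"\x00\x11\x22\x33\x44\x55") -> bytes:
    """Constructed IGMPv2 membership report for `group`, padded to 46 bytes, with FCS."""
    grp = ipaddress.IPv4Address(group).packed
    igmp = struct.pack("!BBH4s", 0x16, 0, 0, grp)
    igmp = igmp[:2] + struct.pack("!H", internet_checksum(igmp)) + igmp[4:]
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(igmp), 0, 0x4000, ttl,
                      PROTO_IGMP, 0, ipaddress.IPv4Address(src_ip).packed, grp)
    hdr = hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]
    body = mcast_mac(grp) + src_mac + b"\x08\x00" + (hdr + igmp).ljust(MIN_PAYLOAD, b"\0")
    return body + struct.pack("<I", zlib.crc32(body))
```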
Access Control of Layer 2 Services
Access control of Layer 2 services is provided to filter out unauthorized user data.
- Static MAC address table
For E-LAN services, static MAC addresses can be added to, deleted from, and queried in the static MAC address table. When the MAC address learning function is disabled, MAC addresses must be added to the static MAC address table to ensure that services are forwarded
properly. If the MAC address of a service does not match the static MAC address table, the
service is considered as invalid and is discarded.
- Blacklist
For E-LAN services, MAC addresses can be added to, deleted from, and queried in the blacklist. Services whose MAC addresses are in the blacklist are considered invalid and filtered out.
- Disabling of MAC address learning
E-LAN services can filter out invalid packets after MAC address learning is disabled.
When MAC address learning is enabled, the equipment learns MAC addresses.
When MAC address learning is disabled, the equipment can forward E-LAN services and filter out invalid MAC addresses after static MAC addresses are configured.
NOTE
This function is only supported by packet service boards.
- Packet filtering based on complex flow classification
Data flow is managed according to complex flow classification, preventing attacks by large numbers of packets and by invalid packets.
Complex rules are used for flow classification. For example, packets can be classified according to CVLANID, CVLANPRI, SVLANID, SVLANPRI, CVLAN+CVLANPRI, SVLAN+SVLANPRI, or IP-DSCP. After being filtered based on the complex flow classification, packets are forwarded or discarded.
Discarding: A data flow is discarded if it does not comply with the rules in an ACL.
Forwarding: A data flow is forwarded if it complies with the rules in an ACL.
NOTE
This function is only supported by packet service boards.
Service Separation
The following logical and physical separation methods are provided to prevent malicious data theft and reduce the impact of broadcast flow.
- Layer 2 logical separation
A virtual local area network (VLAN) is the basic unit for managing network data equipment. A VLAN is a logical subnet or a logical broadcast domain. Users are allocated to different VLANs so that they cannot communicate with each other at Layer 2. In this manner, logical separation is achieved for Layer 2 services. In addition, after VLANs are divided, the broadcast flow is confined to each broadcast domain, which limits the broadcast range.
The OptiX RTN 950 supports identification and forwarding of VLAN tags, and switching of VLAN tags. Figure 4-9 shows an example of VLAN services.
Figure 4-9 Scenario of the QinQ service
Users who create an Ethernet private network can separate services by configuring the "Hub/Spoke" attribute of logical ports. Services between Spoke ports are separated, so Spoke ports cannot communicate with each other.
NOTE
The "Hub/Spoke" feature is only supported by EOS boards.
- Split horizon
A group of physical or logical ports that cannot communicate with each other on the local equipment is configured to prevent service loops and separate the services of different users. In this manner, service security is ensured.
The OptiX RTN 950 supports the creation of split horizon groups for L2VPN services, and supports adding and deleting group members.
NOTE
This function is only supported by packet service boards.
- Physical path separation
Services for different users are carried on different physical paths. In this manner, services do not share physical paths or communicate with each other at the physical layer, and therefore service security is ensured.
5 Appendix
A-1 Standards Compliance
Table 5-1 shows the security standards that the OptiX RTN 950 complies with.
Table 5-1 Standards compliance

| Related Standard | Description |
|---|---|
| ITU-T G.8011.1 | Ethernet private line service |
| ITU-T G.8011.2 | Ethernet virtual private line service |
| ITU-T G.8261/Y.1361 | Timing and synchronization aspects in packet networks |
| ITU-T G.8262/Y.1362 | Timing characteristics of synchronous Ethernet equipment slave clock |
| ITU-T G.8032/Y.1344 | Ethernet Ring Protection Switching |
| RFC 2474 | Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers |
| RFC 2819 | Remote Network Monitoring Management Information Base |
| RFC 0793 | Transmission Control Protocol |
| RFC 0768 | User Datagram Protocol |
| RFC 0791 | Internet Protocol, Version 4 (IPv4) |
| RFC 0792 | Internet Control Message Protocol |
| RFC 0826 | An Ethernet Address Resolution Protocol |
| RFC 0894 | A Standard for the Transmission of IP Datagrams over Ethernet Networks |
| RFC 2516 | A Method for Transmitting PPP Over Ethernet (PPPoE) |
| RFC 1661 | The Point-to-Point Protocol (PPP) |
| RFC 1662 | PPP in HDLC-like Framing |
| RFC 1332 | The PPP Internet Protocol Control Protocol (IPCP) |
| RFC 1990 | The PPP Multilink Protocol (MP) |
| RFC 2131 | Dynamic Host Configuration Protocol |
| RFC 2328 | OSPF Version 2 |
| RFC 2246 | Secure Sockets Layer 3.0/TLS 1.0 |
| RFC 1305 | Network Time Protocol 3.0 |
| IEEE 802.3ah | Media Access Control Parameters, Physical Layers, and Management Parameters for Subscriber Access Networks |
| IEEE 802.1ad | Virtual Bridged Local Area Networks Amendment 4: Provider Bridges |
| IEEE 802.1ag | Virtual Bridged Local Area Networks Amendment 5: Connectivity Fault Management |
A-2 Acronyms and Abbreviations
Table 5-2 Acronyms and abbreviations

| Acronym and Abbreviation | Full Name |
|---|---|
| ACL | Access Control List |
| CAR | Committed Access Rate |
| DCN | Data Communication Network |
| DNS | Domain Name System |
| ECC | Embedded Control Channel |
| FTP | File Transfer Protocol |
| GNE | Gate Network Element |
| HTTP | Hyper-Text Transmission Protocol |
| ID | IDentification |
| IEEE | Institute of Electrical and Electronics Engineers |
| IF | Intermediate Frequency |
| IP | Internet Protocol |
| ISO | International Organization for Standardization |
| ISP | Internet Service Provider |
| ITU-T | International Telecommunication Union-Telecommunication Standardization Sector |
| LAN | Local Area Network |
| LCT | Local Craft Terminal |
| NMS | Network Management System |
| OAM | Operation Administration and Maintenance |
| ODU | Outdoor Unit |
| OSI | Open Systems Interconnection |
| OSS | Operation Support System |
| OSPF | Open Shortest Path First |
| PDH | Plesiochronous Digital Hierarchy |
| QoS | Quality of Service |
| RMON | Remote Monitoring |
| RTN | Radio Transmission Node |
| SDH | Synchronous Digital Hierarchy |
| SNMP | Simple Network Management Protocol |
| TCP/IP | Transmission Control Protocol/Internet Protocol |
| VLAN | Virtual Local Area Network |