ENZ2000 modem server

Data security of the modem server

According to a case study published in an American journal, 91 % of unauthorized tampering attempts in networks are successful using modems that are designed for "other uses".

As a Client-Server network software, the strength of the ENZ2000 is in its full integration in a network environment. This requires special protection of the network against network penetration from the outside, as the actual task of the system is the communication with devices and this involves the connection of modems to the network. And this, of course, presents an inherent danger of unauthorized access and tampering from the outside. Nevertheless, it can be verified that - if proper precautions are taken - appropriate protection against data manipulation can ward off unauthorized access to all components of the system.

For this, there are three essential prerequisites that have to be fulfilled within the framework of development.

(1) The communication and the control itself is relocated to an intrinsic process component, that can be operated, controlled and installed in a monitored computer system independent of other components.

(2) The design of the software permits operation of the modems only in the protocols that are supported by the software. All other communication and access attempts are denied from the very beginning.

(3) The entitled user himself has consistent and exclusive access to the system administration. This ensures that the security mechanisms, which are used in other systems of the user are not breached or avoided, and constant monitoring of the system configuration can be carried out by the operator or his data processing department. What exactly does this mean?

Relocation of communications processes

Critical issues in a secured data processing environment are the links to the outside. This includes modems as well as Internet gateways or other network portals, through which - potential hackers attempt to penetrate into company networks.

As already mentioned the ENZ2000 uses a corresponding modem server for communication. If one wants to operate a truly secured system, this should be done on an intrinsic computer. The modem server itself should not have, apart from the software program MOD-2000, any other software packages, network portals or even databases installed.

If the MOD-2000 program has the constant and exclusive control of the modems, no intruder can gain access to the system. Windows NT offers the appropriate mechanisms to monitor this and thus allocate the task to the respective system.

Fixed protocol standards

Secondly, the modem server permits only certain protocol methods. These are the meter protocols implemented in the software and long-range communications technology such as FNP, SCTM, IEC-870/5, DLMS or others. All these protocols have object-oriented treatment of messaging in common.

The transmission methods run according to a certain raster and execution can be controlled and monitored by the software. The extent of the risk of manipulation and tampering depends on cautious handling of access PINs as well as the respective protocol.

FNP provides the greatest security among the commonly used meter protocols because the identification of the transceiver is packaged in the messaging. Other protocols have not any other (IEC, DIN) or only one sender identification (SCTM, LSV-1). Otherwise, a caller can not gain "free" communication with the modem server software; that means can not pose queries or record over programs.

System administration

Thirdly and most importantly, the software is so secure and stable in design that even through incorrect or improper handling it can not be breached.

The user's administrator must, as in the case of other company software systems, pay attention that no other software can be installed on the modem server. As already mentioned, non-stipulated modems are the main targets for penetration of a network system.

Secure your environment