cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
94
Views
0
Helpful
1
Replies
Highlighted
Cisco Employee

NSO CDB replication secure?

 

Hi,

 

We are currently implementing NCS HA between two DCs and we are seeing that by default the CDB replication traffic is not encrypted.  Do we already have a secure solution for NCS HA suitable for cross site?

 

Many thanks,
Rich

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

 

Richard,

 

We are currently implementing NCS HA between two DCs and we are seeing that by default the CDB replication traffic is not encrypted.  Do we already have a secure solution for NCS HA suitable for cross site?

 

I'd suggest using an SSH tunnel for this traffic. The same is true for any NCS applications that might run off the NCS node.

 

The NCS management interfaces, where operators, OSS systems, etc above NCS come in are encrypted with SSH or TLS. The device communication is often encrypted using SSH or other schemes, but depending on the device/NED type your mileage may vary.

 

Best Regards,

 

/jan

 

View solution in original post

1 REPLY 1
Highlighted
Cisco Employee

 

Richard,

 

We are currently implementing NCS HA between two DCs and we are seeing that by default the CDB replication traffic is not encrypted.  Do we already have a secure solution for NCS HA suitable for cross site?

 

I'd suggest using an SSH tunnel for this traffic. The same is true for any NCS applications that might run off the NCS node.

 

The NCS management interfaces, where operators, OSS systems, etc above NCS come in are encrypted with SSH or TLS. The device communication is often encrypted using SSH or other schemes, but depending on the device/NED type your mileage may vary.

 

Best Regards,

 

/jan

 

View solution in original post

This widget could not be displayed.