docs/books/modules/user-guide/security-guidelines.adoc - qpid-dispatch - Git at Google

 ////
 Licensed to the Apache Software Foundation (ASF) under one
 or more contributor license agreements.  See the NOTICE file
 distributed with this work for additional information
 regarding copyright ownership.  The ASF licenses this file
 to you under the Apache License, Version 2.0 (the
 "License"); you may not use this file except in compliance
 with the License.  You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing,
 software distributed under the License is distributed on an
 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 KIND, either express or implied.  See the License for the
 specific language governing permissions and limitations
 under the License
 ////

 // This module is included in the following assemblies:
 //
 // router-deployment-guidelines.adoc

 [id='security-guidelines-{context}']
 = Security guidelines

 In the router network, the interior routers should be secured with a strong authentication mechanism in which they identify themselves to each other. You should choose and plan this authentication mechanism before creating the router network.

 [WARNING]
 ====
 If the interior routers are not properly secured, unauthorized routers (or endpoints pretending to be routers) could join the router network, compromising its integrity and availability.
 ====

 You can choose a security mechanism that best fits your requirements. However, you should consider the following recommendations:

 * Create an X.509 Certificate Authority (CA) to oversee the interior portion of the router network.

 * Generate an individual certificate for each interior router.
 +
 Each interior router can be configured to use the CA to authenticate connections from any other interior routers.
 +
 [NOTE]
 ====
 Connections from edge routers and clients can use different levels of security, depending on your requirements.
 ====

 By using these recommendations, a new interior router cannot join the network until the owner of the CA issues a new certificate for the new router. In addition, an intruder wishing to spoof an interior router cannot do so because it would not have a valid X.509 certificate issued by the network's CA.
	////
	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License
	////

	// This module is included in the following assemblies:
	//
	// router-deployment-guidelines.adoc

	[id='security-guidelines-{context}']
	= Security guidelines

	In the router network, the interior routers should be secured with a strong authentication mechanism in which they identify themselves to each other. You should choose and plan this authentication mechanism before creating the router network.

	[WARNING]
	====
	If the interior routers are not properly secured, unauthorized routers (or endpoints pretending to be routers) could join the router network, compromising its integrity and availability.
	====

	You can choose a security mechanism that best fits your requirements. However, you should consider the following recommendations:

	* Create an X.509 Certificate Authority (CA) to oversee the interior portion of the router network.

	* Generate an individual certificate for each interior router.
	+
	Each interior router can be configured to use the CA to authenticate connections from any other interior routers.
	+
	[NOTE]
	====
	Connections from edge routers and clients can use different levels of security, depending on your requirements.
	====

	By using these recommendations, a new interior router cannot join the network until the owner of the CA issues a new certificate for the new router. In addition, an intruder wishing to spoof an interior router cannot do so because it would not have a valid X.509 certificate issued by the network's CA.