1. Do INSYS routers permit a debugging operation?
For a debugging by the customer, INSYS routers support the use of several profiles, i.e. different configurations that can be changed over. If it is necessary for troubleshooting for example to disable IT security functions temporarily, this is possible using a second profile. This can then be provided with a timer that changes back to the secure profile after the expiry of a set time automatically.
2. How do I see if a configuration has been modified?
INSYS routers permit to download and store a profile, i.e. a configuration. Different profiles on the router can be compared and the differences can be shown for a quick comparison. An event can be added that dispatches a message via SMS, e-mail, SNMP or MCIP upon a change of the configuration. Moreover, a profile hash exists for each profile that changes with any modification of the configuration (but also firmware) and can be monitored.
3. What happens if someone logs in to the router (without success)?
An event can be added that dispatches a message via SMS, e-mail, SNMP or MCIP upon both, successful and unsuccessful login attempts. These login attempts will then be recorded in the Events log. This permits to detect brute force attacks. INSYS routers do not perform an authentication check within 3 seconds upon a failed authentication attempt and delay a repeated authentication attempt accordingly.
4. What is the difference between an ASCII configuration file and a profile in binary format?
A profile can be downloaded as an ASCII configuration file or as a binary file. An ASCII configuration file contains the settings in clear text and can be edited. All IT security-relevant information like passwords will be removed and replaced by replacement characters with this. A profile in binary format is encrypted and contains all settings including passwords, certificates and keys. It can neither be edited nor read. It can be used for storing the configuration and their transmission to further routers.
5. Which data contains a support packet and how are these data handled by INSYS?
The status of the running router and the complete configuration can be combined to a support packet. This collects all relevant data in one sweep to provide a good troubleshooting basis when using the support of the manufacturer. The support packet will be encrypted so that the secret passwords or keys contained in it cannot be read out unauthorised in case of an insecure dispatch of the support packet. A prepared support packet will be deleted with the next restart of the device. A support packet can only be decrypted by INSYS. The support team has then only access to such data that are also visible in clear text in the web interface, i.e. they have no access to user passwords for example. All data will only be used for customer support and deleted completely upon closing the support case.
6. Do INSYS routers have a back-door?
No! A configuration of the routers, an input and output or any processing of data are only possible using the combinations of individual identification and password selected by the user. On request, we will send you our Manufacturer’s Declarations IT Security and Anti-Backdoor Policy and Secure Data Transport in Remote Operation Systems.
7. Where do I get the latest firmware for my INSYS router?
The latest firmware for your INSYS router is available on the Release Notes site. Moreover, the router can be configured such that it will look for updates regularly using the auto update function and update itself automatically.
8. How can I verify that a firmware file is genuine from INSYS?
Only use firmware files from above source. A manipulated firmware file will be detected during upload and refused.