CommScope recommends that access to all ServAssure NXT systems and applications be performed securely, and by authorized personnel only. SSH (Secure Shell Protocol) access to all hosts must be secured and controlled.
ServAssure NXT is not designed to be compatible with the highest levels of operating system security or software-based firewalls. In general, ServAssure NXT is not compatible with any system or application that:
- restricts traditional UNIX root privileges
- interferes with the use of traditional UNIX networking system calls from the software
- interferes with connections between ServAssure NXT applications to any other system hosting ServAssure NXT applications.
Under Linux, this restriction can be achieved through measures such as:
- Physical access control.
- Strong passwords or SSH keys.
- System monitoring.
- Well-designed and dedicated firewalls.
ServAssure NXT requires that there be an "arris" user and group configured on each node. If an "arris" user does not exist, ServAssure NXT can create one for you and allow you to choose the password for this user. The "arris" user is used to start ServAssure NXT-specific applications, as well as own the data in /opt/arris.
