USB Security

Question

A single client Windows server is connecting to a Digi AnywhereUSB/14 (AW-USB-14-W)

How do I prevent a second PC from accidentally (or intentionally) connecting to the hub and mapping to the same USB ports?

Username/password or keys?

Answer 1

Currently there is no way to prevent a second computer from connecting to the AW/14 This has been added as a feature improvement for the AnywhereUSB products.

Comments

To further clarify, if the first host computer is already connected (to one or more ports via the "Group" nomenclature), then another host computer cannot connect to that Group at that point in time.  In other words, the other host computer cannot "steal" an active connection.  However, if the host computer that's already connected is shut down, rebooted, or has network connectivity issues, then another host computer can connect at that time.

---

So it's first come first served - which will prevent a second host connecting.
Does the certificate functionality also limit the connection opertunities to only hosts with a valid cert?

---

If you disable the general / unencrypted AnywhereUSB network service on port 3422 TCP and enable the encrypted AnywhereUSB network service (allowing only encrypted connections) then using certificates may actually be a workaround in order to only allow certain host computers to connect to the AnywhereUSB.

Keep in mind though that the performance of the USB devices may be impacted by the encryption, so this may or may not be feasible for your specific application, depending.

Answer 2

A cert only ensure the connection to the host computer is secure. I know Digi has already discussed adding ip filtering to the AnywhereUSB products.