ONES Security
Last updated
Last updated
Copyright © Aviz Networks, Inc.
ONES is a support application for SONiC stack. It is designed for customer's engineering team such as SRE’s, HW and SW engineering teams for their daily network diagnosis and troubleshooting needs. In addition to that ONES exposes the API to integrate with external tools or customer homegrown applications.
Role Based Access
ONES provide RBAC support for creating dedicated user accounts. it has a super admin account which can manage these user accounts for control and permissions
Secure Access to Application
ONES Application provides HTTPS over standard port 443 supporting both self-signed and CA-signed certificates
Secure Access to switches
Auto-discovery communication between Agent and collector using a secure channel(SSL/TLS) with certificates (self-signed and CA-signed certificates
API Access
ONES Application provides HTTPS over standard port 443 supporting both self-signed and CA-signed certificates, the API is available via time-bound authentication tokens.
ONES application provides HTTPs over standard port 443 supporting both self-signed and CA signed certificates.
HTTPS Support CA Signed
HTTPS Self Signed
ONES utilizes gRPC infrastructure to communicate with switch agents. TLS (Transport Layer Security) is the primary security protocol used by gRPC to secure communication between the client and the server. TLS provides authentication, confidentiality, and integrity of data. Authentication is achieved using digital certificates, which verify the identity of the client and the server.
With an added extra layer of security, ONESv1.3 support Certificate based communication between switches and ONES Controller, and all the metrics will be streamed using the certificate-based encryption