GenieACS info

Dan Morphis dan at milkcarton.com
Tue Feb 24 14:19:25 EST 2015


I can't speak to the specs required right now because I haven't done any
load testing.

Right now you can do ACS -> CPE authentication. This can be configured in
the /config/auth.js file.

Zaid said that support for CPE -> ACS will be added soon. You can enable
CPE -> ACS authentication on your CPE, but currently GenieACS will not send
back a 401 (Unauthorized) response. At least on the SmartRG CPE I have on
my desk, it will continue talking to the ACS without doing authentication
because it doesn't get the 401.

Because I know a little bit about your implementation Richard, I would
highly recommend you enable ACS -> CPE authentication. This will prevent
outsiders from causing your CPE to DOS your ACS. In my environment, we have
the TR069 client on the CPE bound to a separate, non-public interface we
can get away with not doing ACS -> CPE authentication.

As for SSL, the SmartRG, BEC, Zhone and ComTrend (all Broadcom based) CPE's
I have tested don't care if you are using a self-signed certificate.

I hope this helps!

-dan

On Tue, Feb 24, 2015 at 8:51 AM, Richard Verbrugge <
richard.verbrugge at myhighspeed.ca> wrote:

> I’m trying to get a sense of details for GenieACS.
>
> I’m currently running GenieACS on a 1 process, 2GB mem, 20GB vm.
>
> What hardware is advised?
>
> What is the capacity that GenieACS can handle?
>
> What sort of security is in place? (I’ve seen SSL?)
>
>
>
> Thanks!
>
> /RV
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.genieacs.com
> http://lists.genieacs.com/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genieacs.com/pipermail/users/attachments/20150224/46935f45/attachment.html>


More information about the Users mailing list