Wiki mirrorView source
Security features
In the table below you can find all the security features supported by Teltonika's devices.
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Flood Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Flood Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords. |
| HTTP Access | Off | Disabled by default; use only with strong passwords. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords. | |
| CLI Access | Off | Disabled by default; use only with strong passwords. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. |
RUTxxx series security features
In the table below you can find all the security features supported by Teltonika's RUTxxx series devices.
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Attack Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Attack Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords. |
| HTTP Access | Off | Disabled by default; use only with strong passwords. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords. | |
| CLI Access | Off | Disabled by default; use only with strong passwords. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. |
RUTXxxx series security features
In the table below you can find all the security features supported by Teltonika's RUTXxxx series devices.
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Attack Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Attack Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords and appropriate firewall rules. |
| HTTP Access | Off | Disabled by default; unencrypted traffic, avoid usage. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords and appropriate firewall rules. | |
| CLI Access | Off | Disabled by default; use only with strong passwords and appropriate firewall rules. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. Unencrypted traffic, avoid usage. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. | |
| TPM | On | Enabled by default. Securely stores cryptographic keys and other sensitive data. |
RUTMxxx series security features
In the table below you can find all the security features supported by Teltonika's RUTMxxx series devices.
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Attack Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Attack Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords. |
| HTTP Access | Off | Disabled by default; use only with strong passwords. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords. | |
| CLI Access | Off | Disabled by default; use only with strong passwords. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. | |
| TPM | On | Enabled by default. Securely stores cryptographic keys and other sensitive data. |
RUTCxxx series security features
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Attack Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Attack Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords. |
| HTTP Access | Off | Disabled by default; use only with strong passwords. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords. | |
| CLI Access | Off | Disabled by default; use only with strong passwords. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. |
TRBxxx series security features
In the table below you can find all the security features supported by Teltonika's TRBxxx series devices.
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Attack Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Attack Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords. |
| HTTP Access | Off | Disabled by default; use only with strong passwords. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords. | |
| CLI Access | Off | Disabled by default; use only with strong passwords. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. |
TSWxxx series security features
In the table below you can find all the security features supported by Teltonika's TSWxxx series devices.
| Category | Feature | Default | Purpose/Description |
|---|---|---|---|
| DDoS Protection | SYN Attack Protection | On | Blocks excessive SYN requests to prevent resource exhaustion. |
| Ping Attack Protection | Off | Mitigates ICMP (Ping) flood attacks. | |
| SSH Attack Prevention | Off | Blocks excessive SSH requests. | |
| HTTP Attack Prevention | Off | Blocks excessive HTTP requests. | |
| HTTPS Attack Prevention | Off | Blocks excessive HTTPS requests. | |
| Custom Configuration | Custom Rules | Empty | Allows adding custom firewall rules via iptables commands. |
| DMZ | Off | Allows separating LAN-side network into separate zones with heavily restricted access. | |
| Port Scan & TCP Attack Protection | Port Scan Prevention | Off | Detects and blocks port scanning attempts. |
| SYN-FIN Attack | Off | Blocks packets with both SYN and FIN flags set. | |
| SYN-RST Attack | Off | Prevents abrupt TCP session resets. | |
| X-Mas Attack | Off | Blocks TCP packets with multiple unusual flags set. | |
| FIN Scan | Off | Blocks FIN packets used to bypass firewalls. | |
| NULL Flags Attack | Off | Blocks TCP packets with no flags set. | |
| Access Control – Remote | SSH Access | Off | Disabled by default; use only with strong passwords. |
| HTTP Access | Off | Disabled by default; use only with strong passwords. | |
| HTTPS Access | Off | Disabled by default; use only with strong passwords. | |
| CLI Access | Off | Disabled by default; use only with strong passwords. | |
| Access Control – Local | SSH Access | On | Allows local configuration over LAN. |
| HTTP Access | On | Allows local WebUI configuration over LAN. | |
| HTTPS Access | On | Allows local WebUI configuration over LAN. | |
| CLI Access | On | Allows local command-line configuration over LAN. | |
| Login Protection | SSH Login Attempts | On | Blocks IP after 10 failed attempts (default). |
| WebUI Login Attempts | On | Blocks IP after 10 failed attempts (default). | |
| Configuration Security | SMS Utilities | Admin password | SMS commands require admin password. |
| Default Admin Password | On | Default password is present on the device label. | |
| Certificates | Root CA | Preloaded | Default root certificate included; can be replaced. |
| Other Protections | UPnP | Not installed / Off | Disabled to prevent unauthorized port forwarding. |
| UART Interface | Admin password | Requires password to prevent unauthorized physical access. |