ASTi Logo

Application Note

HTTPS and MBV Telestra Web Interface (#122)

ASTi recently began fielding inquiries from customers who purchased their ASTi Telestra Model Builder Visual (MBV) systems some time within the past 10 years. We no longer sell MBV-based systems but continue to support customers still using them.

Some customers have noticed problems with MBV's Telestra web interface, the web-based interface allowing users to view and manage ASTi devices, files, and network connections. The Telestra web interface existed in the DACS days before MBV was invented, but the version of the Telestra web interface that shipped with MBV was the first to include Secure HTTP (HTTPS) operation by default. All subsequent versions of Telestra web interface also use HTTPS.

In addition to previous warnings, our MBV customers have now started receiving notification that the HTTPS certificate has expired! We started an MBV system, pointed a web browser to its IP address, and learned that the certificates we installed on MBV systems all expired on March 31, 2016.

Now users' browsers are yelling, "Danger!" even louder. But it doesn't matter.

Why not?

The majority of web security advances and improvements protect honest users conducting honest transactions with honest institutions on the Internet (to say nothing of the bad guys). Security and encryption for online banking, shopping, registration, etc. is important to safeguard your information from others in this public venue. ASTi systems, however, usually operate on closed networks with dedicated security personnel tasked with securing them. The HTTPS functionality in Telestra web interface exists solely to provide a secure connection between authorized users and the Telestra (or Voisus) system itself. It only helps prevent unauthorized access to the ASTi system by encrypting usernames and passwords.

To reiterate the conclusion in the Telestra web interface manual: it is safe to circumvent the warnings issued by your web browser when accessing your ASTi system(s).