Avaya Configuring IPsec Services Bedienungsanleitung Seite 40
- Seite / 122
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Configuring IPsec Services
2-4
308630-15.1 Rev 00
Securing Your Site
To enforce IPsec, carefully restrict unauthorized access to the routers that encrypt
data and the workstations that you use to configure IPsec. Keep in mind that the
encryption standards that IPsec uses are public. Your data is secure only if you
properly protect the encryption and authentication keys. The configuration files
that contain these keys include safeguards to prevent unauthorized access.
Securing Your Configuration
Store any files containing encryption keys on diskettes or other removable media,
and keep the media in a secure place. Physically protecting your equipment is
always a good strategy and the easiest way to prevent unauthorized access to these
files.
Always configure your node protection keys (NPKs) locally, not over a network.
When you connect a PC or a workstation to a router console port to configure
encryption, use a machine that is not connected to any other equipment. Make
sure that you also protect the routers on which the NPKs reside.
Encryption Keys
IPsec uses a hierarchy of keys to protect and transmit data:
• Node protection key (NPK): Encrypts the manual cipher and integrity keys for
storage on the router or transfer from Site Manager.
— Cipher key: Encrypts data that travels across the network in the IKE or
ESP payload. (IKE cipher and integrity keys are not stored on the router.)
— Integrity key: Calculates the integrity check value (ICV), which is used at
the data packet destination to detect any unauthorized modification of the
ESP or IKE data.
• Preshared authentication key: Authenticates the IKE SA used to protect the
negotiation and rekeying of IPsec SAs.
Caution:
The NPK is the most critical key in the hierarchy. If the NPK is
compromised, all encrypted data on the router can be compromised.
- Configuring IPsec Services 1
- Trademarks 2
- Restricted Rights Legend 2
- Statement of Conditions 2
- Contents 5
- 308630-15.1 Rev 00 vii 7
- 308630-15.1 Rev 00 ix 9
- 308630-15.1 Rev 00 xi 11
- Before You Begin 13
- Text Conventions 14
- Acronyms 15
- Hard-Copy Technical Manuals 16
- How to Get Help 17
- Chapter 1 19
- Overview of IPsec 19
- About IPsec 20
- Supported Routers 21
- Supported WAN Protocols 21
- IPsec Services 22
- How IPsec Works 23
- IPsec Tunnel Mode 24
- IPsec Elements 25
- Security Gateways 26
- Security Policies 26
- Security Associations 29
- Security Protocols 33
- Performance Considerations 35
- Chapter 2 37
- Installing IPsec 37
- Installing the IPsec Software 38
- Securing Your Site 40
- Securing Your Configuration 40
- Creating and Using NPKs 41
- Caution: 42
- Changing an NPK 43
- Monitoring NPKs 44
- Chapter 3 45
- Starting IPsec 45
- Creating Policies 46
- Specifying an Action 47
- Policy Considerations 47
- (continued) 48
- Automated SA Creation 51
- About Manual SA Creation 53
- Chapter 4 57
- Customizing IPsec 57
- Editing a Policy 58
- Adding a Policy 59
- Reordering Policies 62
- Modifying Automated SAs (IKE) 64
- Modifying Manual SAs 65
- Disabling IPsec 67
- Appendix A 69
- Site Manager Parameters 69
- Node Protection Key Parameter 70
- IPsec Parameters 71
- IPsec Policy Parameters 72
- Appendix B 81
- Definitions of k Commands 81
- Appendix C 83
- Configuration Examples 83
- 192.32.10.0 85
- 192.32.20.0 86
- Manual SA Policy Examples 87
- RTR1 92
- RTR2 92
- RTR3 95
- RTR4 95
- Appendix D 99
- IPsec Terminology 100
- Configuration Considerations 101
- Feature Comparison Summary 102
- 308630-15.1 Rev 00 103
- BayRS Tools 104
- Contivity Tools 104
- Symptoms You May See 105
- Protocol Numbers 107
- Appendix E 107
Verwandte Produkte und Handbücher für Software-Handbücher Avaya Configuring IPsec Services
Software-Handbücher Avaya DMC DECT Fundamentals - Communications Server 1000 Bedienungsanleitung
(340 Seiten)
(340 Seiten)
Software-Handbücher Avaya Configuring SNMP, BOOTP, DHCP, and RARP Services Bedienungsanleitung
(108 Seiten)
(108 Seiten)
Software-Handbücher Avaya Configuring Interface and Router Redundancy Bedienungsanleitung
(72 Seiten)
(72 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.021 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern