
Getting Started with IPsec
304111-A Rev 00
2-3
Figure 2-2. IPsec Security Gateways
When you add IPsec services to a security gateway, its internal hosts and
subnetworks can communicate with the external hosts that directly operate IPsec
services, or with a remote security gateway that provides IPsec services for its set
of hosts and subnetworks.
Security Policies
There are two types of IPsec policies: inbound and outbound. An inbound policy
is used for data packets arriving at a security gateway, and an outbound policy is
used for data packets leaving a security gateway. Each IPsec interface can support
up to 127 inbound and 127 outbound security policies (refer to Figure 2-3).
Policy Templates
Every IPsec policy is based on a policy template. A policy template is a predefined
policy definition that you can use on any IP interface. The template specifies one
or more criteria and an action (or none) to apply to incoming or outgoing data
packets.
A policy template and every policy based on it must include at least one criterion,
for example, an IP source address. A policy template may include one or no
action. For example, an outbound policy might specify a protect action. The
criterion specification determines whether a data packet matches a particular
security policy, and the action specifies how the policy is applied to the packet.
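As an added illustration that is not from the manual and does not reproduce the gateway's own configuration syntax, the Python model below captures the rules just described: a template must carry at least one criterion and at most one action, each interface keeps separate inbound and outbound lists capped at 127 entries, and a packet is classified by the first policy whose criteria all match. First-match ordering, the action names and the packet fields are assumptions of the model.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

MAX_POLICIES_PER_DIRECTION = 127  # per-interface limit stated in the manual

@dataclass(frozen=True)
class PolicyTemplate:
    """Reusable policy definition: one or more criteria and one action or none."""
    name: str
    src: Optional[str] = None        # source-address criterion, e.g. "10.1.0.0/16"
    dst: Optional[str] = None        # destination-address criterion
    protocol: Optional[int] = None   # IP protocol number criterion (6 = TCP, ...)
    action: Optional[str] = None     # e.g. "protect"; None means "no action"

    def __post_init__(self):
        # A template (and every policy built from it) needs at least one criterion.
        if self.src is None and self.dst is None and self.protocol is None:
            raise ValueError(f"template {self.name!r} has no criterion")

    def matches(self, pkt: dict) -> bool:
        """True when every criterion the template specifies holds for the packet."""
        if self.src and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if self.dst and ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        if self.protocol is not None and pkt.get("protocol") != self.protocol:
            return False
        return True


class IPsecInterface:
    """One IP interface with separate inbound and outbound policy lists."""

    def __init__(self, name: str):
        self.name = name
        self.policies = {"inbound": [], "outbound": []}

    def add_policy(self, direction: str, template: PolicyTemplate) -> None:
        if len(self.policies[direction]) >= MAX_POLICIES_PER_DIRECTION:
            raise ValueError(f"{self.name}: {direction} policy limit reached")
        self.policies[direction].append(template)

    def evaluate(self, direction: str, pkt: dict) -> Optional[str]:
        """Return the action of the first matching policy (first-match order is an
        assumption of this model), or None when no policy in that direction matches."""
        for policy in self.policies[direction]:
            if policy.matches(pkt):
                return policy.action
        return None
```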
[Figure art IP0078A: diagram labels recovered from the figure: Untrusted network; Local host; Remote host; Trusted network (two sites); Security gateway (two); IPsec interface (two); Outbound Policy; Inbound Policy (clear text only)]