Avaya Configuring IP Security Services Manual de usuario Pagina 27

  • Descarga
  • Añadir a mis manuales
  • Imprimir
  • Pagina
    / 100
  • Tabla de contenidos
  • MARCADORES
  • Valorado. / 5. Basado en revisión del cliente
Vista de pagina 26
Overview of IPsec
304111-B Rev 00
1-9
Inbound Policies
An inbound policy determines how a security gateway processes data packets
received from an untrusted network. Every packet arriving at a security gateway is
compared with the criteria to determine whether it matches an IPsec policy for
that router. If the incoming packet matches a bypass policy, the router accepts the
packet and, if the policy is so configured, logs it.
If the packet does not match any policy or matches a drop policy, the router rejects
the packet. When a packet does not match any policy, IPsec’s default action is to
drop it.
For an inbound security policy, the action may be:
•Drop
Bypass
•Log
Drop and bypass are mutually exclusive. The log action may be added to either, or
used alone.
Outbound Policies
An outbound policy determines how a security gateway processes data packets for
transmission across an untrusted network. You must assign an outbound policy for
all unicast traffic leaving an IPsec interface.
For an outbound policy, the action specification may be:
Protect
•Drop
Bypass
•Log
Any outbound policy with a protect action specification is mapped to a Protect
SA. See
Summarizing Security Policies and SAs” on page 1-14 for detailed
information about Protect and Unprotect SAs.
Drop, protect, and bypass are mutually exclusive. The log action may be added to
any of the three, or used alone.
Vista de pagina 26
1 2 ... 22 23 24 25 26 27 28 29 30 31 32 ... 99 100

Comentarios a estos manuales

Sin comentarios