Avaya Configuring IP Security Services Manual de usuario Pagina 40
- Pagina / 100
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Configuring IPsec Services
2-4
304111-B Rev 00
Securing Your Site
To enforce IPsec, carefully restrict unauthorized access to the routers that encrypt
data and the workstations that you use to configure IPsec. Keep in mind that the
encryption standards that IPsec uses are public. Your data is secure only if you
properly protect the encryption and authentication keys. The configuration files
that contain these keys include safeguards to prevent unauthorized access.
Securing Your Configuration
Store any files containing encryption keys on diskettes or other removable media,
and keep the media in a secure place. Physically protecting your equipment is
always a good strategy and the easiest way to prevent unauthorized access to these
files.
Always configure your node protection keys (NPKs) locally, not over a network.
When you connect a PC or a workstation to a router console port to configure
encryption, use a machine that is not connected to any other equipment. Be sure to
also protect the routers on which the NPKs reside.
Encryption Keys
IPsec uses a hierarchy of keys to protect and transmit data:
• Node protection key (NPK) -- encrypts the manual cipher and integrity keys
for storage on the router or transfer from Site Manager.
-- Cipher key -- encrypts data that travels across the network in the IKE or
ESP payload. (IKE cipher and integrity keys are not stored on the router.)
-- Integrity key -- calculates the integrity check value (ICV), which is used
at the data packet destination to detect any unauthorized modification of
the ESP or IKE data.
• Pre-shared authentication key -- authenticates the IKE SA used to protect the
negotiation and rekeying of IPsec SAs.
Caution:
The NPK is the most critical key in the hierarchy. If the NPK is
compromised, all encrypted data on the router can be compromised.
- Configuring IPsec 1
- Services 1
- Trademarks 2
- Restricted Rights Legend 2
- Statement of Conditions 2
- Contents 5
- 304111-B Rev 00 vii 7
- 304111-B Rev 00 ix 9
- 304111-B Rev 00 xi 11
- Before You Begin 13
- Text Conventions 14
- Acronyms 15
- Configuring IPsec Services 16
- How to Get Help 17
- Overview of IPsec 19
- Chapter 1 19
- About IPsec 20
- IPsec Services 20
- How IPsec Works 21
- IPsec Protection 22
- Elements of IPsec 23
- Security Gateways 25
- Security Policies 26
- Inbound Policies 27
- Outbound Policies 27
- Policy Criteria Specification 28
- Security Associations 29
- Manual Security Associations 30
- Security Protocols 33
- Authentication Header 34
- Perfect Forward Secrecy 35
- Supported Routers 36
- Supported WAN Protocols 36
- Chapter 2 37
- Getting Started With IPsec 37
- Upgrading Router Software 38
- Installing the IPsec Software 38
- 304111-B Rev 00 39
- Securing Your Site 40
- Securing Your Configuration 40
- Random Number Generator (RNG) 41
- Generating NPKs 41
- Caution: 42
- Changing an NPK 44
- Monitoring NPKs 44
- Chapter 3 45
- Creating Policies 46
- Specifying an Action 47
- Policy Considerations 47
- Creating an Outbound Policy 48
- Creating an Inbound Policy 50
- About Automated SA Creation 52
- About Manual SA Creation 52
- Disabling IPsec 57
- Appendix A 59
- Site Manager Parameters 59
- Enabling IPsec Parameters 60
- IPsec Policy Parameters 61
- Appendix B 69
- Definitions of k Commands 69
- Appendix C 71
- Configuration Examples 71
- RTR4 Subnet 192.32.30.0 74
- Manual SA Policy Examples 75
- RTR1 and RTR2 78
- RTR1 79
- RTR2 79
- RTR3 82
- RTR4 82
- Appendix D 87
- Protocol Numbers 87
Relacionado con productos y manuales para Software Avaya Configuring IP Security Services
Software Avaya BayRS Version 15.5.0.0 Manual de usuario
(198 paginas)
(198 paginas)
Software Avaya BCM Attendant Console Guía de usuario
(92 paginas)
(92 paginas)
Software Avaya Business Communications Manager - Call Detail Recording System Manual de usuario
(70 paginas)
(70 paginas)
Software Avaya 7-10.xx Manual de usuario
(114 paginas)
(114 paginas)
Software Avaya Configuring IP Services Manual de usuario
(650 paginas)
(650 paginas)
Software Avaya FireWall-1 Manual de usuario
(40 paginas)
(40 paginas)
Software Avaya Personal Call Manager Guía de usuario
(96 paginas)
(96 paginas)
Software Avaya 1010/1020 Manual de usuario
(32 paginas)
(32 paginas)
Software Avaya Call Center Manual de usuario
(274 paginas)
(274 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.052 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales