Vpn To Other Ipsec Compliant Devices; About Vpn Policies; Vpn Policies And Ipsec Actions - Watchguard V10 User Manual

VPN to other IPSec compliant devices

This method uses IPSec to establish encrypted tunnels
between a Firebox Vclass appliance and any other IPSec-
compliant security device, regardless of brand, that may be
in service protecting branch office, trading partner, or sup-
plier locations. VPN with IPSec is available with the
WatchGuard medium encryption version at DES (56-bit)
strength, and with the WatchGuard strong encryption ver-
sions at both DES (56-bit) and Triple DES (168-bit)
strengths.
A main advantage of VPN with IPSec is that you can order
and prioritize routing policies to specify which VPN tunnel
to use for certain traffic. For example, you can use DES
encryption for VPN traffic originating from your sales
team, and the stronger Triple DES encryption for all data
transmitted from your finance department.

About VPN Policies

To establish VPN connections between your present site
and other remote sites, you must create and apply VPN
policies. These policies specify the required levels of
authentication and encryption to protect the data.

VPN policies and IPSec actions

A VPN security policy always includes an IPSec action,
regardless of whether you are creating a manual key or
automatic key policy. The IPSec action determines what
type of authentication and encryption is used to protect
traffic governed by this policy. VPN policies can incorpo-
rate different kinds of keys (manual or automatic) and dif-
ferent types of encryption and authentication algorithms to
be applied to the data stream. If a VPN policy has no IPSec
action, the data will be sent as clear text.
Firebox Vclass User Guide
About VPN Policies
305