Billion BiGuard 50G User Manual page 129

802.11g dual wan security gateway

Hide thumbs Also See for BiGuard 50G:

User manual (71 pages)

Quick start manual (7 pages)

Specifications (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

Table of Contents

Any Local Address: Will enable any local address on the network.

Subnet: The subnet of the remote network. Selecting this option allows

you to enter an IP address and netmask.

IP Range: The IP Range of the remote network.

Single Address: The IP address of the remote host.

Gateway Address: The gateway address of the remote host.

Proposal:

Secure Association (SA): SA is a method of establishing a security policy

between two points. There are three methods of creating SA, each varying in

degrees of security and speed of negotiation:

Main Mode: Uses the automated Internet Key Exchange (IKE) setup; most

secure method with the highest level of security.

Aggressive Mode: Uses the automated Internet Key Exchange (IKE) setup;

mid-level security. Speed is faster than Main mode.

Manual Key: Standard level of security. It is the fastest of the three

methods.

Method: There are two methods of checking the authentication information, AH

(Authentication Header) and ESP (Encapsulating Security Payload). Use ESP for

greater security so that data will be encrypted and authenticated. AH data will be

authenticated but not encrypted.

Encryption Protocol: Select the encryption method from the pull-down menu.

There are several options: DES, 3DES, and AES (128, 192 and 256). 3DES and AES

are more powerful but increase latency.

DES: Stands for Data Encryption Standard. It uses a 56-bit encryption

method.

3DES: Stands for Triple Data Encryption Standard. It uses a 168-bit

encryption method.

AES: Stands for Advanced Encryption Standard. You can use 128, 192 or

256 bits as encryption method.

Authentication Protocol: Authentication establishes data integrity and ensures

it is not tampered with while in transit. There are two options: Message Digest 5

(MD5), and Secure Hash Algorithm (SHA1). While slower, SHA1 is more resistant to

brute-force attacks than MD5.

MD5: A one-way hashing algorithm that produces a 128−bit hash.

SHA1: A one-way hashing algorithm that produces a 160−bit hash.

Perfect Forward Secure: Choose whether to enable PFS using Diffie-Hellman

public-key cryptography to change encryption keys during the second phase of VPN

negotiation. This function will provide better security, but extends the VPN

129

Table of Contents

Billion BiGuard 50G User Manual page 129

Related Manuals for Billion BiGuard 50G

Related Products for Billion BiGuard 50G

Table of Contents