Internet Key Exchange Concepts; Table 20 Encryption Algorithm Options - Brocade Communications Systems 8 Administrator's Manual

Supporting Fabric OS v6.4.0
IPsec concepts
Endpoint to Gateway
In an endpoint-to-gateway configuration, a protected endpoint connects through an IPsec-protected
tunnel. This can be used as a virtual private network (VPN) for connecting a roaming computer, such
as a service laptop, to a protected network.

Internet Key Exchange concepts

Internet Key Exchange (IKE) is used to authenticate the end points of an IP connection, and to
determine security policies for IP traffic over the connection. The initiating node proposes a policy
based on the following:
- An encryption algorithm to protect data.
- A hash algorithm to check the integrity of the authentication data.
- A Pseudo-Random Function (PRF) algorithm that can be used with the hash algorithm for
  additional cryptographic strength.
- An authentication method requiring a digital signature, and optionally a certificate exchange.
- A Diffie-Hellman exchange that generates prime numbers used in establishing a shared secret
  key.

Encryption algorithms
An encryption algorithm is used to encrypt messages used in the IKE negotiation. Table 20 lists the
available encryption algorithms. A brief description is provided. If you need further information,
please refer to the RFC.

TABLE 20   Encryption algorithm options

Encryption algorithm  Description                                                                  RFC number
3des_cbc              3DES processes each block three times, using a unique 56-bit key each time.  RFC 2451
null_enc              No encryption is performed.
aes128_cbc            Advanced Encryption Standard (AES) 128 bit block cipher.                     RFC 4869
aes256_cbc            Advanced Encryption Standard (AES) 256 bit block cipher.                     RFC 4869
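
An added example, not taken from the Brocade manual: a small audit that checks IKE policy records for the five proposal items listed above and for a Table 20 encryption identifier, and reports any policy that selects null_enc. The record format, the field names (enc, hash, prf, auth, dh) and the placeholder values h1, p1, a1, g1 are assumptions made for illustration, not Fabric OS syntax.

```python
# Added example: audit IKE policy records against the page's Table 20.
# The "name key=value ..." record format and field names are assumptions.

# Table 20 identifiers; the value says whether IKE messages get encrypted.
TABLE_20 = {"3des_cbc": True, "null_enc": False,
            "aes128_cbc": True, "aes256_cbc": True}
# The five items the initiating node proposes (hypothetical field names).
REQUIRED = ("enc", "hash", "prf", "auth", "dh")

# Constructed sample inventory; h1/p1/a1/g1 are placeholder values.
SAMPLE = """\
# name    proposal
ike-core  enc=aes256_cbc hash=h1 prf=p1 auth=a1 dh=g1
ike-lab   enc=null_enc hash=h1 prf=p1 auth=a1 dh=g1
ike-old   enc=des_cbc hash=h1 auth=a1 dh=g1 oops
"""

def parse_policy(line):
    """Split one record into (name, fields, malformed_tokens)."""
    name, *tokens = line.split()
    fields, bad = {}, []
    for tok in tokens:
        key, sep, value = tok.partition("=")
        if sep and key and value:
            fields[key] = value
        else:
            bad.append(tok)
    return name, fields, bad

def audit_policy(line):
    """Return (name, findings); an empty list means nothing to report."""
    name, fields, bad = parse_policy(line)
    findings = [f"malformed token: {t}" for t in bad]
    missing = [k for k in REQUIRED if k not in fields]
    if missing:
        findings.append("missing: " + ",".join(missing))
    enc = fields.get("enc")
    if enc is not None and enc not in TABLE_20:
        findings.append(f"not in Table 20: {enc}")
    elif enc is not None and not TABLE_20[enc]:
        findings.append(f"{enc}: IKE messages are not encrypted")
    return name, findings

def audit_inventory(text):
    """Audit every non-blank, non-comment line; returns {name: findings}."""
    lines = (l.strip() for l in text.splitlines())
    return dict(audit_policy(l) for l in lines if l and not l.startswith("#"))

if __name__ == "__main__":
    for name, findings in audit_inventory(SAMPLE).items():
        print(name, "OK" if not findings else "; ".join(findings))
```
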
Web Tools Administrator's Guide
53-1001772-01
