2 security descriptor, What is, Ike session descriptor – Nortel Networks 608(WL) User Manual
Page 19: Ipsec descriptor, Security descriptor, Chapter 2
Chapter 2
SpeedTouch™ IPSec terminology
E-DOC-CTC-20051017-0169 v1.0
17
2.2 Security Descriptor
What is ...
All security parameters required to establish a secure tunnel are grouped into a
string called Security Descriptor or simply descriptor. Two different sets of
descriptors are defined:
IKE session descriptors
IPSec descriptors
A Descriptor contains the methods for message authentication, encryption and
hashing, and the lifetime of the Security Association. A number of descriptors are
pre-configured in the SpeedTouch™. The user can modify these descriptors, or
define additional descriptors to fit his requirements.
IKE session Descriptor
The IKE descriptor contains the following parameters:
Encryption method
Message integrity method (also called message authentication)
Diffie-Hellman group used for key generation
Lifetime of the Security Association.
IPSec Descriptor
The IPSec descriptor contains the following parameters:
Encryption method
Message integrity method (also called message authentication)
Selection to use Perfect Forward Secrecy, or not
Lifetime of the Security Association
Encapsulation method.