beautypg.com

Ipsec concepts – Brocade Web Tools Administrators Guide (Supporting Fabric OS v7.3.0) User Manual

Page 223

background image

NOTE
The server is not deleted until you apply the changes from the AAA Services tab.

5. Click Apply in the AAA Service tab.

A confirmation dialog box displays, warning you that you are about to remove the selected server.

6. Click Yes in the confirmation dialog box.

IPsec concepts

Internet Security Protocol (IPsec) is a set of open standards that provide cryptographic security services
for IP networks. Several protocols are available for providing authentication and secure transmission of
data.

From Web Tools, you can establish IPsec policies for FCIP implementations on 7800 extension
switches with the upgrade license, the 7500 extension switches and FR4-18i blades, and you can
establish IPsec policies for IP interfaces that provide management access to switches and control
processors.

There are several protocols and algorithms that can be applied. Choosing the protocols and algorithms
you want to use may be a matter of adapting to an implementation that is already in place in your LAN,
or you may need to do a significant amount of research and planning. The supported protocols and
algorithms are defined and described in the RFCs listed in the following table.

Relevant RFCs

TABLE 20

RFC number Title

RFC 4301

Security Architecture for the Internet Protocol

RFC 4302

IP Authentication Header

RFC 4303

IP Encapsulating Security Payload

RFC 4304

Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet
Security Association and Key Management Protocol (ISAKMP)

RFC 4305

Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP)
and Authentication Header

RFC 4869

Suite B Cryptographic Suites for IPsec

RFC 4309

Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload
(ESP)

RFC 4306

Internet Key Exchange Version 2 (IKEv2) Protocol

RF C4307

Cryptographic Algorithms for Internet Key Exchange Version 2 (IKEv2)

RFC 3971

Secure Neighbor Discovery

RFC 3972

Cryptographically Generated Addresses

RFC 3041

Privacy Extensions for Stateless Address Auto configuration in IPv6

IPsec concepts

Web Tools Administrator's Guide

223

53-1003169-01

See also other documents in the category Brocade Computer Accessories: