beautypg.com

Setting authentication and encryption – HP StorageWorks Enterprise File Services WAN Accelerator User Manual

Page 63

background image

HP S

TORAGE

W

ORKS

EFS WAN A

CCELERATOR

M

ANAGEMENT

C

ONSOLE

U

SER

G

UIDE

63

2 -
C

ON
FIG

URING

TH
E

HP

EF

S

WA

N

A

C

C

EL
ER
ATO

R

8. Click Save to write your settings to memory or click Reset to return the settings to

their previous values.

Setting
Authentication
and Encryption

Optionally, you can configure the HP EFS WAN Accelerator to authenticate and
encrypt data to and from a peer HP EFS WAN Accelerator in the Setup: Advanced
Networking - Encryption page using the IP Security Protocol (IPsec).

Enabling IPsec support makes it difficult for a third party to view your data or pose as
a machine you expect to receive data from. To enable IPsec authentication you must
have at least one encryption and authentication algorithm specified. You must also
specify a shared secret to enable IPsec support. With IPsec support, only optimized
data is protected, pass-through traffic is not.

IMPORTANT: You must set IP security support on each peer HP EFS WAN Accelerator in
your network for which you want to establish a secure connection. You must also specify a
shared secret on each peer HP EFS WAN Accelerator.

To configure IPsec authentication and encryption you must:

‹

set the peer HP EFS WAN Accelerator for which you want to make a secure
connection.

‹

set the encryption algorithms in order of priority. The algorithm is used to encrypt
each packet sent using IPsec.

‹

set the authentication hashing algorithms in order of priority. The algorithm is
used to guarantee the authenticity of each packet.

‹

set the time between quick-mode renegotiation of keys using Internet Key
Exchange (IKE). IKE uses public key cryptography to provide the secure
transmission of a secret key to a recipient so that the encrypted data can be
decrypted at the other end. The default value is 240 minutes.

‹

set the shared secret that is used to negotiate and renegotiate secret keys. All the
HP EFS WAN Accelerators in the network for which you want to use IPsec must
have the same key.

Encryption
Algorithm

Description

DES

The Data Encryption Standard (DES). The default value is DES.

NULL

The null encryption algorithm.

Authentication
Algorithm

Description

MD5

Message-Digest algorithm 5 (MD5) is a widely-used cryptographic
hash function with a 128-bit hash value. The default value is MD5.

SHA1

Secure Hash Algorithm (SHA1) is a set of related cryptographic hash
functions. SHA-1 is considered to be the successor to MD5.

See also other documents in the category HP Computer Accessories: