Motorola 3347 User Manual
Page 330
330
•
The encr yption and authentication keys
•
Lifetime of encr yption keys
•
The lifetime of the SA
•
Replay prevention sequence number and the replay bit table
An arbitrar y 32-bit number called a Security Parameters Index
(SPI), as well as the destination host’s address and the IPSEC
protocol identifier, identify each SA. An SPI is assigned to an SA
when the SA is negotiated. The SA can be referred to by using
an SPI in AH and ESP transformations. SA is unidirectional. SAs
are commonly setup as bundles, because typically two SAs are
required for communications. SA management is always done
on bundles (setup, delete, relay).
serial communication. Method of data transmission in which
data bits are transmitted sequentially over a communication
channel
SHA-1. An implementation of the U.S. Government Secure
Hash Algorithm; a 160-bit authentication algorithm.
Soft MBytes. Setting the Soft MBytes parameter forces the
renegotiation of the IPSec Security Associations (SAs) at the
configured Soft MByte value. The value can be configured
between
1 and 1,000,000 MB
and refers to data traffic passed.
If this value is not achieved, the Hard MBytes parameter is
enforced.
Soft Seconds. Setting the Soft Seconds parameter forces the
renegotiation of the IPSec Security Associations (SAs) at the
configured Soft Seconds value. The value can be configured
between 60 and 1,000,000 seconds.