Issuer Certificates
Issue 4 May 2005 315
Dynamic VPNs Dynamic VPNs are VPNs that can be readily scaled as dictated by business
demands. As the remote client user population grows, the authentication and
session configuration information for each new user must necessarily also
grow. By maintaining this information not in the security gateway’s flash
memory but on a dedicated network host device, the number of users becomes
unlimited. Two techniques of achieving this functionality normally used are
Dyna Policy An Avaya VPN term relating to a dynamic configuration download of VPN
session security parameters to the remote client computer upon connection to a
security gateway. This technique assures maximum security in a VPN session.
Encapsulation The process of placing the contents of one packet into that of payload of
another packet.
Extranet security
It is possible to create a Group associated with a security gateway that is not
managed by your company’s VPNmanager. This happens when creating
“extranets,” or VPNs between partner corporations. In an extranet, each
corporate network uses VPN components that are managed separately by each
company’s system administrator.
Firewall A network device acting as a filter to restrict access to private network
resources from the public. Filtering typically is based on the types of packets
exchanged between two devices on the network.
Heartbeat A special VPN packet broadcast by a primary security gateway used to facilitate
the resilient tunnel function.
IKE (Internet Key
A key-management protocol, IKE defines procedures and packet formats to
establish, negotiate, modify and delete Security Associations (SAs) and defines
payloads for exchanging key generation and authentication data. These
formats provide a consistent framework for transferring key and authentication
data which is independent of the key generation technique, encryption
algorithm and authentication mechanism. Now combined with Oakley to form
IP Groups IP Groups are a convenient means of managing your VPN resources. IP
Groups are collections of IP network mask pairs associated with security
gateways, hosts, and workstations located behind the security gateway.
IPSec The network cryptographic protocols for protecting IP packets.
ISAKMP The key-management protocol used in conjunction with IPSec.
Issuer Certificates See Certificates, Issuer