Intel PRO/100 Computer Hardware User Manual


  Open as PDF
of 82
 
Intel® Packet Protect User’s Guide
4
How Packet Protect Works
Packet Protect helps you protect network traffic that is sent from one server or
client to another. Packet Protect uses these steps to protect information traveling
on the network:
1. Activate IKE (Internet Key Exchange). Negotiates parameters for secure
communication.
2. Activate IPSec (Internet Protocol Security). Protects the communication
using the security parameters it negotiated successfully using IKE.
What is IP Security?
Internet Protocol (IP) Security (commonly called IPSec) is a set of standard pro-
tocols used to protect the confidentiality and authenticity of IP communications.
IPSec accomplishes this using the following:
Encryption. Protects confidentiality of information traveling on the net-
work. Each packet is encrypted so that unwanted recipients can’t interpret
it. Packet Protect uses DES 56-bit and 3DES 168-bit encryption algorithms
(3DES in U.S. and Canada version only).
•Integrity. Protects the authenticity of the information traveling on the net-
work by verifying that each packet was unchanged in transport. Packet Pro-
tect uses MD5 and SHA-1 authentication algorithms for both ESP and AH
authentication.
Anti-replay protection. Protects the network by preventing an intruder
from successfully repeatedly sending an identical packet in an attempt to
confuse the system.
For more information about IPSec, see “Appendix A — IKE and IPSec” on
page 53.
What is Internet Key Exchange?
Internet Key Exchange (IKE) is a standard protocol used to negotiate a protected
communication. Negotiation is the first phase in setting up a secure communica-
tion. IKE verifies the identity of the computers using pre-shared keys. Then it
negotiates a set of security settings to protect the communication.
IKE is a protocol that operates inside a framework defined by ISAKMP (Internet
Security Association Key Management Protocol) and is used to support the
establishment of Security Associations.
For more information about IKE, see “Appendix A — IKE and IPSec” on
page 53.
 previous next