Intel PRO/100 Computer Hardware User Manual


 
Configuring Security Settings
33
Destination workgroups can be used in multiple rules. If you modify a destina-
tion workgroup, other rules may be affected.
Before you modify a destination workgroup, check the following:
If you have used the destination workgroup in any other rules, do not
follow the steps below. See “Modify Destination Workgroups or Secu-
rity Actions” on page 41 for more information.
If you have not used the destination workgroup in any other rule, con-
tinue with the steps below.
To modify a destination workgroup
1. In the Customize Destination Workgroups dialog box, select the destination
workgroup you want to modify.
2. Make changes, as necessary, then click OK.
Customize Security Actions
You must specify a security action for each rule. This section defines the secu-
rity settings you can apply when two computers communicate.
Packet Protect provides six pre-defined security actions, described below. See
“Available Settings for Security Actions” on page 34 for detailed information
about the security settings listed here.
•Clear
Use to communicate completely in the clear, without any security.
Default Action
Use to get an action that provides a high level of security, along with a high
level of interoperability. The default action is a rich set of IPSec proposals
that includes various levels of ESP (Encapsulation Security Payload)
encryption, ESP authentication, and AH authentication. It provides a maxi-
mum level of interoperability with non-Packet Protect implementations of
IPSec.
•Deny
Use to deny any communications between two computers.
Initiate Clear, Secure Responder
Use when you want to initiate communications in the clear and will attempt
to negotiate a secure connection if requested. This security action is most
appropriate for workstations.
Secure Initiator, Fallback Clear
Use when you want to request security for all communications, but do not
require it. If a secure connection cannot be negotiated, then the communi-
cation will be in the clear. This security action is appropriate for servers.
Secure Initiator, Fallback Deny
Use when you want to require security for all communications. If a secure