Transmission Using IPsec
For securer communications, this machine supports the IPsec protocol. When applied, IPsec encrypts
data packets at the network layer using shared key encryption. The machine uses encryption key
exchange to create a shared key for both sender and receiver. To achieve even higher security, you can
also renew the shared key on a validity period basis.
• IPsec is not applied to data obtained through DHCP, DNS, or WINS.
• IPsec compatible operating systems are Windows XP SP2, Windows Vista/7, Windows Server
2003/2003 R2/2008/2008 R2, Mac OS X 10.4.8 and later, Red Hat Enterprise Linux WS 4.0,
and Solaris 10. However, some setting items are not supported depending on the operating
system. Make sure the IPsec settings you specify are consistent with the operating system's IPsec
settings.
• If you cannot access Web Image Monitor due to IPsec configuration problems, disable IPsec under
[Admin. Tools] on the control panel, and then access Web Image Monitor.
• For details about specifying the IPsec settings using Web Image Monitor, see p.339 "Configuring
the IPsec Settings".
• For details about enabling and disabling IPsec using the control panel, see p.432 "Enabling and
Disabling IPsec Using the Control Panel".
Encryption and Authentication by IPsec
IPsec consists of two main functions: the encryption function, which ensures the confidentiality of data,
and the authentication function, which verifies the sender of the data and the data's integrity. This
machine's IPsec function supports two security protocols: the ESP protocol, which enables both of the
IPsec functions at the same time, and the AH protocol, which enables only the authentication function.
ESP Protocol
The ESP protocol provides secure transmission through both encryption and authentication. This
protocol does not provide header authentication.
• For successful encryption, both the sender and receiver must specify the same encryption
algorithm and encryption key. The encryption algorithm and encryption key are specified
automatically.
• For successful authentication, the sender and receiver must specify the same authentication
algorithm and authentication key. The authentication algorithm and authentication key are
specified automatically.
Transmission Using IPsec
427
11