HP 8/20q HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabr - Page 106
Security associations
View all HP 8/20q manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 106 highlights
Security associations A security association defines the encryption algorithm and encryption key to apply when called by a security policy. A security policy may call several associations at different times, but each association is related to only one policy. The security association database is the set of all security associations. IP Security configurations can be complex: it is possible to unintentionally configure policies and associations that isolate a switch from all communication. If this happens, you can disable IP security by placing the switch in maintenance mode, and correct the problem through the serial port interface. To create an association, click Add on the Security Association Database side of the IPsec Configuration dialog box. This opens the Create IPsec Security Association dialog box (Figure 59). Table 18 describes the fields in the Create IP Security Association dialog box. Figure 59 Create IP Security Association dialog box Table 18 Create IP Security Association dialog box fields Field Name Description Source Address Description Association name Association description IP address (version 4 or 6) or DNS host name of the host, switch, or gateway from which data originates Destination Address IP address (version 4 or 6) or DNS host name of the host, switch, or gateway receiving data. If you specified an IP address for the Source Address, the Destination Address must use the same IP version format. Protocol Protocol IP security protocol to be used to process data. The protocol can be one of the following: • Encapsulated Security Payload (esp) • Encapsulated Security Payload (esp-old) • Authentication Header (ah) • Authentication Header (ah-old) SPI Security parameters index number 106 Managing Switches