HP StorageWorks 8/80 Brocade Web Tools Administrator's Guide v6.2.0 (53-100119 - Page 267

IPSec Concepts 17 IPSec Concepts Internet Security Protocol (IPSec) is a set of open standards that provide cryptographic security services for IP networks. Several protocols are available for providing authentication and secure transmission of data. From Web Tools, you can establish IPSec policies for FCIP implementations on7500 extension switches and FR4-18i blades, and you can establish IPSec policies for IP interfaces that provide management access to switches and control processors. There are several protocols and algorithms that can be applied. Choosing the protocols and algorithms you want to use may be a matter of adapting to an implementation that is already in place in your LAN, or you may need to do a significant amount of research and planning. The supported protocols and algorithms are defined and described in the RFCs listed in Table 19. TABLE 19 Relevant RFCs RFC Number Title RFC 4301 Security Architecture for the Internet Protocol RFC 4302 IP Authentication Header RFC 4303 IP Encapsulating Security Payload RFC 4304 RFC 4305 Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association and Key Management Protocol (ISAKMP) Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header RFC 4869 Suite B Cryptographic Suites for IPSec RFC 4309 RFC 4306 RF C4307 RFC 3971 RFC 3972 RFC 3041 Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP) Internet Key Exchange Version 2 (IKEv2) Protocol Cryptographic Algorithms for Internet Key Exchange Version 2 (IKEv2) Secure Neighbor Discovery Cryptographically Generated Addresses Privacy Extensions for Stateless Address Auto configuration in IPv6 Web Tools Administrator's Guide 239 53-1001194-01