Dell EqualLogic PS6210E EqualLogic Group Manager Administrator s Guide PS Seri - Page 73
About IPsec, Types of Protected Traffic, Types of Protected
View all Dell EqualLogic PS6210E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 73 highlights
4. Confirm that you want to delete the policy. When you delete or modify a basic access point, you might need to update any computer that was previously accessing volumes through that access point. About IPsec IPsec is a set of standardized protocols designed to allow systems on IP-based networks to verify each other's identities and create secured communication links. IPsec uses cryptographic security mechanisms for authentication and protection. IPsec validates the identity of devices communicating over IP-based networks, encrypts all data passing between participating systems, and protects against disclosure, modification, eavesdropping, and attack. IPsec is supported for both IPv4 and IPv6 networks. NOTE: For more general information about IPsec, refer to the website of the Internet Engineering Task Force (ietf.org), the organization that originally developed the IPsec protocols. In the context of an iSCSI SAN that uses EqualLogic PS Series storage arrays, IPsec secures communications between group member arrays and also between iSCSI initiators and the group. You can use policies to configure your IPsec implementation to protect iSCSI traffic based on initiator IP address, initiators in a specific subnet, or network protocol. IPsec authentication is handled using certificates or pre-shared keys. Types of Protected Traffic The types of traffic protected by IPsec are shown in Figure 9. What IPsec Protects. Figure 9. What IPsec Protects IP Traffic Protection To enable IPsec protection for traffic between the group and iSCSI initiators, use the following basic process: NOTE: This process is not required for protecting communications between group members. After IPsec is enabled, all network traffic between group members is automatically protected, without need for further configuration. 1. A group administrator creates security parameters to specify how traffic should be authenticated. 2. A group administrator creates policies to identify traffic and determine what action to take for it: • Traffic is dropped. • Traffic is allowed to pass directly through to the array in the clear. About Group-Level Security 73