HP AE370A Brocade Web Tools Administrator's Guide v6.0.0 (53-1000606-01, April - Page 218
FCIP-related features, IKE/IPSec, Understanding the FCIP Tunneling Service
UPC - 882780362611
View all HP AE370A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 218 highlights
17 Understanding the FCIP Tunneling Service FCIP-related features Web Tools provides or supports these related features: • A per-tunnel compression feature that allows the Fibre Channel data frames to be compressed before they are sent over the tunnel as FCIP frames. • Fastwrite, which is a feature that reduces the number of round-trip times required to complete a SCSI write I/O and increases performance. • Tape pipelining which reduces the number of round trip times required to complete a SCSI write I/O and eliminates the sequential nature of the SCSI I/O. • IKE/IPSec Policy, which is a framework of open standards to ensure private, secure communications over IP networks through the use of cryptographic security services. IKE (Internet Key Exchange) is the protocol used to set up a Security Association in the IPSec protocol suite. NOTE You need an IPSec license to enable and use this feature. IKE/IPSec IKE/IPSec is not supported with the following protocols: • IPv6 • ESP in transport mode • NAT Traversal Table 12 explains the fields and related choices to create an IKE/IPSec policy. TABLE 12 IKE/IPSec Configuration Choices Field Description Choices Policy Type Policy Number Encryption Algorithm Authentication Algorithm Perfect Forward Secrecy (PFS) You can create either an IKE policy or an IPSec policy IKE IPSec This parameter helps you keep track of the number of policies you have created on your switch. You can choose any number from 1 through 32. You can define up to 32 IKE and 32 IPSec policies per switch. 1 through 32 A mathematical procedure for performing encryption on data. Through the use of an algorithm, information is made into meaningless cipher text and requires the use of a key to transform the data back into its original form. 3DES AES-128 AES-256 An encryption process or tool in which the results of text SHA-1 encryption depend on all relevant authentication MD5 elements. AES-XCBC In an authenticated key agreement protocol that uses public key cryptography, PFS is the property of disclosure of the long-term secret keying material that is used to derive an agreed ephemeral key that does not compromise the secrecy of the agreed keys from earlier runs. IKE on/off IPSec disabled 198 Web Tools Administrator's Guide 53-1000606-01