Specifications
Security
AVM Access Server – 5 AVM Access Server Concepts and Functional Principles 83
right mouse button and select “Add Group...” in the context menu
to start the Wizard that supports you in configuring the VPN
connection settings for a new user group. In the process you will
specify whether the users in the group are authorized to connect
over VPN links.
When you select a user group in the “Remote users” folder, the
settings for the group are shown on a number of dialog pages in
the properties display. The settings can be edited on these dialog
pages.
Security
Because the VPN connection is carried over the public Internet, there is
a danger of eavesdropping or manipulation by unauthorized third par-
ties. Appropriate security mechanisms must therefore guarantee the
following three kinds of security:
Privacy
The data interchange must be encrypted to prevent eavesdrop-
ping.
Authenticity
When a connection is opened, the communicating parties must
be authenticated to ensure that all data comes from the authentic
source, and is not simply being replayed by an interceptor for ex-
ample.
Integrity
The VPN must ensure that data cannot be modified by third
parties (as in “man-in-the-middle” attacks) on its way through In-
ternet.
The VPN Protocol IPsec
A protocol used to set up VPN connections must bring with it the fol-
lowing characteristics:
Support for security mechanisms that guarantee privacy, authen-
ticity and integrity as described above.
The ability to connect through a tunnel.
The IPsec suite provides these characteristics, and is therefore used by
the AVM Access Server as the standard VPN protocol.