HP-UX IPSec version A.02.01 Administrator's Guide

HP-UX IPSec Overview
Features
Chapter 1
For more information about HP-UX IPSec performance, refer to the
HP-UX IPSec Performance and Sizing White Paper, available at the
following URL:
http://docs.hp.com/en/internet.html#HP-UX%20IPsec
Dynamic encryption key management
HP-UX IPSec supports the Internet Key Exchange (IKE) protocol,
part of the IPsec protocol suite, to establish and manage dynamic
cryptographic keys. Using dynamic keys (keys that change) to
encrypt and authenticate data provides additional security.
Identity authentication
The IKE protocol authenticates the identity of the remote system.
HP-UX IPSec supports the following forms of IKE authentication:
—Preshared keys.
—Digital signatures (RSA signatures), using X.509 version 3
security certificates.
Because IKE verifies the identity of the remote system, AH and ESP
provide data origin authentication.
Host-based IPsec topologies
HP-UX IPSec is supported on host systems in host-to-host and in
host-to-gateway topologies. You can use HP-UX IPSec to provide
security in internal networks and to provide Virtual Private Network
(VPN) solutions across public Internet communication.
You can also use HP-UX IPSec with application servers (proxy
application servers) and IPsec VPN gateways from other vendors.
Interoperability
HP-UX IPSec interoperates with over 25 other IPsec
implementations, including those of Microsoft, Cisco, and Linux.
Mobile IPv6 Home Agent security
You can use HP-UX IPSec on HP-UX Mobile IPv6 Home Agents to
secure communication between the Home Agent and mobile nodes.
HP-UX IPSec is conformant with RFC 3776, Using IPsec to Protect
Mobile IPv6 Signaling Between Mobile Nodes and Home Agents.
Powerful and flexible management utilities