HP UX IPSec Software manual Creating a Policy

Page 15

Step 1: Starting the IP Security Policies Snap-in Configuration Utility

Use the following procedure to start the IP Security Policies configuration utility. This utility is a snap-in module for the Microsoft Management Console (MMC).

1.Start the Microsoft Management Console (MMC). From the Microsoft Start menu, click Run and type MMC. Click OK.

2.If the IP Security Policies snap-in configuration utility is not loaded, use the following procedure to add it:

a.From the MMC window, click FileAdd/Remove Snap-in.

b.From the Add/Remove Standalone Snap-in window, click Add.

c.From the Add Standalone Snap-in window, scroll down to IP Security Policy Management and select it. Click Add.

d.In the Select Computer or Domain window, select Local computer (in this procedure, we are configuring IP Security for the local computer). Click Finish.

e.Close the Add Standalone Snap-in window by clicking Close.

f.Close the Add/Remove Snap-in window by clicking OK.

Step 2: Creating a Policy

Use the following procedure to create an IP Security policy. An IP Security policy is a set of IPsec configuration parameters. Only one local IP Security policy can be active (assigned) on a system.

1.In the left navigation pane of the IP Security Policy Management snap-in, click IP Security Policies on Local Computer to display all IP Security Policies. Depending on your Windows platform, there may be IP Security Policies already configured.

2.Right click IP Security Policies on Local Computer and select Create IP Security Policy.

3.The Policy Wizard starts and displays a startup message. Click Next.

4.The Policy Wizard opens the IP Security Policy Name window. Enter a name in the Name field. This name is used only for internal identification.

Click Next.

5.The Policy Wizard opens the Requests for Secure Communication window. Clear the Activate the default response rule check box, as shown in Figure 1. (The default response rule is a pre-configured rule that causes the Windows system to dynamically build a filter list based on the receipt of IKE requests. By default, the Windows system attempts to use IPsec only if it receives an IKE request from a remote system.)

Click Next.

Configuring a Windows Host-to-Host Policy 15

Page 14 Page 16
Image 15
Page 14 Page 16
Contents HP Part Number J4256-90025 Published June Edition Page Table of Contents Glossary List of Figures Page List of Tables Page Typographic Conventions About This DocumentPage Testing Environment Known Problem with Windows 2000 SP1 and SP2Introduction Protocol Implementation Differences Rules Windows IP Security Configuration OverviewTunnel Settings Configuring a Windows Host-to-Host PolicyCreating a Policy IP Security Policy Wizard Adding a RuleRules Tab Creating an IP Filter List Creating the IP Filter List and Filters for the RuleClick OK to return to the Filter Properties dialog box Protocol Tab for Filter Properties Selecting the Filter List for a Rule Configuring Filter Actions for the RuleSecurity Methods for Filter Action Encryption and Integrity Click Apply Selecting the Filter Action Modifying IKE Parameters for the Policy Configuring the Connection Type for the RuleGeneral Policy Properties Dialog Box Master key perfect forward secrecy PFS IKE Security Algorithms Dialog Box Starting the IP Security ServiceAssigning the IP Security Policy Ipsec Services Properties Dialog BoxVerifying the Configuration Windows ConfigurationExample HP-UX Configuration Inbound Tunnel Rule Requirements Configuring a Windows End-to-End Tunnel PolicyConfiguring a Tunnel Rule Outbound Tunnel Rule RequirementsOutbound Rule Outbound Rule Filter Inbound Rule Filter HP-UX Configuration Troubleshooting Tips Using IKE Logging on HP-UX SystemsUsing IKE Logging on Windows Systems Disable IKE logging. On Windows XP systems, set Additional Windows Troubleshooting ToolsIPsec Parameters on Windows and HP-UX Comparing HP-UX and Windows IPsec Configuration ParametersValues page 42 for Mirrored FiltersHP-UX IKE SA Lifetime Values Filter SelectionIKE Parameter Selection IKE SA Key Master Key Lifetime ValuesWindows IKE SA Lifetime Values Maximum Quick ModesPerfect Forward Secrecy PFS IPsec SA Key Session Key Lifetime ValuesWindows IPsec SA Lifetime Values Related Publications Page Glossary Transform
Related manuals
Manual 318 pages 32.64 Kb Manual 8 pages 43.6 Kb

UX IPSec Software specifications

HP-UX IPSec Software is an integral component of the HP-UX operating system, providing robust and secure communication capabilities for enterprise environments. As organizations increasingly rely on secure networking solutions, HP-UX IPSec stands out with its comprehensive set of features and technologies designed to safeguard sensitive data.

One of the core characteristics of HP-UX IPSec Software is its implementation of the Internet Protocol Security (IPSec) framework. This technology secures Internet Protocol (IP) communications through authentication and encryption, ensuring the integrity and confidentiality of data transmissions. By leveraging IPSec, HP-UX provides a secure method for connecting remote users and secure sites over untrusted networks, such as the internet.

A notable feature of the HP-UX IPSec Software is its support for both transport and tunnel modes. The transport mode encrypts only the payload of the IP packet, whereas the tunnel mode encapsulates the entire IP packet within a new packet, allowing for secure communications between entire networks. This flexibility enables organizations to tailor their security strategies based on specific use cases and requirements.

HP-UX IPSec also emphasizes interoperability and compliance with industry standards. The software supports various encryption algorithms and authentication methods, including those defined by the Internet Engineering Task Force (IETF). This commitment to open standards ensures that HP-UX can seamlessly integrate with a diverse range of networking infrastructures and security solutions.

In addition to its security features, HP-UX IPSec Software offers administration tools that simplify the configuration and management of IPSec policies. The software includes a user-friendly command-line interface, allowing system administrators to specify security associations and policies efficiently. Moreover, comprehensive logging and monitoring capabilities help organizations keep track of their security posture and detect potential vulnerabilities.

Another essential characteristic of HP-UX IPSec Software is its scalability. Designed to accommodate the needs of both small and large enterprises, it can handle increased loads and adapt to changing security demands without compromising performance.

In conclusion, HP-UX IPSec Software stands as a vital solution for organizations seeking to protect their data transmissions over IP networks. With its core technologies, such as transport and tunnel modes, adherence to industry standards, user-friendly administration tools, and scalability, it provides a formidable layer of security in an increasingly interconnected world. This makes it a preferred choice for enterprises aiming to enhance their network security frameworks.
Top Page Image Contents