HP Embedded Firewall manual Overview, Offloading Encryption Processing

Page 29

9

Installing and Configuring Data Encryption Offloads

The 3CR990B NIC performs data encryption processing offloads in Windows 2003, Windows XP, and Windows 2000.

The 3CR990B NIC does not encrypt the data itself: the operating system performs that function.

Encryption processing is handled entirely by the NIC. The NIC enables true end-to-end network security at the data capacity of the connected network cable, without sacrificing performance.

This chapter provides instructions for configuring IPSec in Windows 2003, Windows XP, and Windows 2000 environments.

Overview

Internet Protocol Security (IPSec) is a framework of open standards for ensuring secure private communications over IP networks. IPSec ensures confidentiality, integrity, access control, and authenticity of data communications across a public IP network.

Offloading Encryption Processing

You can configure any two (or more) computers running Windows 2003, Windows XP, or Windows 2000 to perform IPSec encryption by changing the Local Security Setting in the operating system.

With most non-3CR990B NICs, all the IPSec processing is done by the host central processing unit (CPU), which significantly diminishes CPU performance. The 3CR990B NIC can offload all the encryption processing from the host CPU, thereby freeing the CPU to work on other tasks.

Selecting Basic or Strong Encryption Processing

The 3CR990B NIC provides Data Encryption Standard (DES) 56-bit encryption processing and 3DES (3DES 168-bit) encryption processing. You can configure the 3CR990B NIC to process data packets encrypted with either DES (basic) or 3DES (strong) algorithms. DES and 3DES are IPSec bulk encryption algorithms for coding data.

DES encrypts 64-bit data blocks using a 56-bit key. DES can be applied in several modes. 3DES (Triple DES) achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys. 3DES is also known as 168-bit data encryption.

23

Page 28 Page 30
Image 29
Page 28 Page 30
Contents 10/100 Secure Network Interface Card User GuideUnited States Government Legend Contents Installing and Configuring Data Encryption Offloads Configuring the NIC Running NIC Diagnostics Installation Overview Installing and Connecting the NICMinimum Installation Requirements Network Environment Cable Required Maximum Cable Length Safety PrecautionsPreparing the NIC and the Computer Installing and Connecting the NIC 3CR990B-97 NIC Verifying the Network Driver Installation Installing the Network DriverInstall without Diagnostic Program-installs the driver only Double click Network ConnectionsWindows 2003 Server Driver Installation Windows XP Driver Installation Windows XP Driver Installation Windows 2000 Driver Installation Windows 2000 Driver Installation Click Have Disk Windows NT 4.0 Driver InstallationVerifying the Network Driver Installation Windows 98 SE Driver Installation Windows 98 SE Driver Installation Installation During Novell OS Installation Novell NetWare Driver InstallationInstalling the Driver in Novell NetWare Server 5.1 Identifying the Slot Number Installation with Novell Already InstalledChoose Select a driver Select Save parameters and load driverLoad ODINEB.NLM Verifying or Modifying NIC ParametersRemoving Drivers from Autoexec.ncf Installing the Driver in Novell NetWare Server Page Cd /tmp/3c990/3c990 make Linux 2.4 Driver InstallationLinux 2.4 Driver Installation Selecting Basic or Strong Encryption Processing OverviewOffloading Encryption Processing Encryption Type Level Description Configuring IPSec in Windows 2003, Windows XP, and WindowsCreating a Security Policy Defining the Console Clear the Activate the default response rule check boxCreating the Policy Select IP Security Policy Management, and then click AddCreating the Filter Action Creating a FilterBinding the Filter Enabling Encryption Binding the Filter ActionDisabling Encryption Select Un-assignInstalling and Configuring Data Encryption Offloads 3Com DynamicAccess Advanced Server Features Installing 3Com Advanced Server Features for WindowsAbout the Advanced Server Features Failover Load BalancingVLANs Server Features Using Other NICsVerifying the Installation Installing 3Com Advanced Server SoftwarePlanning the Configuration Configuring Groups and VLANsNumber of VLANs Working With Server FeaturesWindows NT Creating a GroupWindows 2003, Windows XP, and Windows Specifying a Dedicated IP Address Adding NICs to a GroupCreating a Vlan Click ConfigureChanging an IP Address Specifying Traffic PrioritiesDisabling Load Balancing for a Group Saving the ConfigurationChanging the Primary NIC Removing a NIC from a GroupSymptomTip Troubleshooting a Load Balancing ConfigurationDisplaying NIC Properties Displaying Group PropertiesDouble-clickNetwork Adapters Enabling Offloads Value Offload Function EnablesConfiguring Offloads for a Group of Different NICs Default NIC Settings Configuring the NICOption Description Settings DisabledAll Configuring the NICMethod Description Requirements Configuration MethodsInstalling the 3Com NIC Diagnostics Program Changing General NIC Configuration SettingsUsing the 3Com NIC Diagnostics Program Starting the 3Com NIC Diagnostics ProgramUsing the 3Com DOS Configuration Program Enabling or Disabling the Boot ROM Setting Configuring the Managed PC Boot Agent MBABooting From the Network BBS BIOS-Compatible PCsDisabling the 3Com Logo Non-BBS BIOS-Compatible PCsInterpreting the NIC LEDs Troubleshooting the NIC3CR990B-97 NIC State Meaning3CR990B-FX-97 NIC Viewing the NIC LEDs in the Diagnostics ProgramTroubleshooting Problems with the LEDs Accessing the 3Com Knowledgebase Accessing 3Com Support DatabasesAccessing the 3Com NIC Help System Accessing Release Notes and Frequently Asked QuestionsCleaning Up a Failed Installation Troubleshooting the NIC InstallationProblems or Error Messages Tip Description Troubleshooting the Network ConnectionTroubleshooting a Network Connection Troubleshooting Remote Wake-UpRJ-45 Cabling Pinouts Copper NIC Only Troubleshooting HubsWindows NT Removing the Network DriverWindows 2003, Windows XP, and Windows Windows 98 SE NetWare Removing 3Com DynamicAccess Advanced Server FeaturesFrom the Start menu, select Settings/Control Panel Running the 3Com DOS Diagnostics Program Running NIC DiagnosticsTab Description Running the NIC Diagnostics TestsClick Perform NIC Test Running the Network TestRunning the NIC Test Viewing Network Statistics Viewing the NIC LEDs in the 3Com Diagnostics ProgramUsing the 3Com Icon in the Windows System Tray Displaying Network Statistics Removing the 3Com NIC Diagnostics ProgramEnabling the Icon Running NIC Diagnostics Hardware 3CR990B-97 NIC SpecificationsNetwork Interface Standards Conformance3CR990B-FX-97 NIC Specifications Cabling Requirements RJ-45 Connector Pin Assignments About the 3Com DMI Agent Installing the 3Com DMI AgentClick NIC Software Click Install 3Com DMI Agent Now Installing the 3Com DMI AgentSystem Requirements Network Management RequirementsPage Installing the 3Com DMI Agent Obtaining Support for your Product Country Telephone Number Asia, Pacific Rim Contact UsTelephone Technical Support and Repair Latin America Country Telephone NumberEurope, Middle East, and Africa North America Telephone Support and Repair 1 CountryInterference Handbook FCC Class B StatementFCC Declaration of Conformity MIC Class B Compliance Korea Safety Compliance Statement
Top Page Image Contents