7

CONFIGURING IP SECURITY

 

Overview

The EtherLink PCI NIC accelerates IP security (IPSec) data encryption from supported operating systems that provide this offload capability. This feature is currently available in the Microsoft Windows 2000 operating system.

Data encryption is available for Windows 95 and Windows 98 through DynamicAccess LAN Encryption software provided on the EtherCD. See Data Encryption on page 14 for more information.

IPSec consists of two parts:

encryption/decryption

authentication

To send or receive encrypted data in a PC running Windows 2000 with an EtherLink PCI NIC installed, you must first create a security policy, and then enable encryption on the NIC. The security policy establishes and defines how encrypted network traffic between your PC and a specified server occurs.

Authentication enables the receiver to verify the sender of a packet by adding key fields to a packet without altering the packet data content.

The following table shows the available levels of encryption:

Encryption

Encryption

Description

Type

Level

 

 

 

AH

medium

Authentication only

 

 

 

ESP

high

Authentication and encryption

 

 

 

Page 123
Image 123
3Com 3CR990SVR95, 3CR990-TX-97, 3CR990-TX-95, 3CR990SVR97 manual Configuring IP Security, Encryption Description Type Level