ECDSA-384 (for clients using certificates)

7.Diffie-Hellman is a key agreement algorithm that allows two parties to agree upon a shared secret, and is used within IKE to securely establish session keys. To set the Diffie Hellman Group for the ISAKMP policy, click the Diffie Hellman Group drop-down list and select one of the following groups:

Group 1: 768-bit Diffie Hellman prime modulus group.

Group 2: 1024-bit Diffie Hellman prime modulus group.

Group 19: 256-bit random Diffie Hellman ECP modulus group.

Group 20: 384-bit random Diffie Hellman ECP modulus group.

8.Set the Security Association Lifetime to define the lifetime of the security association, in seconds. The default value is 7200 seconds. To change this value, uncheck the default checkbox and enter a value from 300 to 86400 seconds.

9.Click Doneto activate the changes, and return to the previous window

Setting the IPsec Dynamic Map

Dynamic maps enable IPsec SA negotiations from dynamically addressed IPsec peers. ArubaOS has a predefined IPsec dynamic map for IKEv1. If you do not want to use this predefined map, you can use the procedures below to edit an existing map or create your own custom IPsec dynamic map instead.

1.Scroll down to the IPsec Dynamic Map section of the IPSEC tab, then click Edit by a map name to edit an existing map or click Add to create a new map.

2.In the Name field, enter a name for the dynamic map

3.In the Priority field, enter a priority number for the map. Negotiation requests for security associations try to match the highest-priority map first. If that map does not match, the negotiation request continues down the list to the next-highest priority map until a match is made.

4.Click the Version drop-down list and select V1 to create an IPsec map for remote peers using IKEv1.

5.(Optional) Configure Perfect Forward Secrecy (PFS) settings for the dynamic peer by assigning a Diffie-Hellman prime modulus group. PFS provides an additional level of security by ensuring that the IPsec SA key was not derived from any other key, and therefore can not be compromised if another key is broken. Click the Set PFS drop-down list and select one of the following groups:

Group 1: 768-bit Diffie Hellman prime modulus group.

Group 2: 1024-bit Diffie Hellman prime modulus group.

Group 19: 256-bit random Diffie Hellman ECP modulus group.

Group 20: 384-bit random Diffie Hellman ECP modulus group.

6.Select the transform set for the map to define a specific encryption and authentication type used by the dynamic peer. Click the Transform Set drop-down list, and select the transform set for the dynamic peer.

NOTE: To view current configuration settings for an IPsec transform-set, access the command-line interface and issue the command

crypto ipsec transform-set tag <transform-set-name>.

7.Set the Security Association Lifetime to define the lifetime of the security association for the dynamic peer, in seconds. The default value is 7200 seconds. To change this value, uncheck the default checkbox and enter a value from 300 to 86400 seconds.

8.Click Done to return to the previous window.

Finalizing WebUI changes

When you have finished configuring your IPsec VPN settings, click Apply to apply the new settings before navigating to other pages.

278 Virtual Private Networks

Dell PowerConnect W-Series ArubaOS 6.2 User Guide

Page 278
Image 278
Dell 6.2 manual Setting the IPsec Dynamic Map, Finalizing WebUI changes

6.2 specifications

Dell 6.2 is an advanced enterprise solution that caters to the needs of businesses seeking robust performance and efficiency. As a part of Dell's commitment to innovation, the 6.2 series combines cutting-edge technologies and features that enhance productivity and deliver reliable computing experiences.

One of the standout features of the Dell 6.2 is its impressive processing power. Equipped with the latest Intel processors, it offers exceptional speed and multitasking capabilities. This allows businesses to run demanding applications effortlessly, making it ideal for data-intensive tasks such as data analysis, software development, and virtualization. The series also supports substantial RAM configurations, enabling users to manage extensive workloads without experiencing slowdowns.

In terms of storage, the Dell 6.2 line includes advanced SSD options that significantly boost data access speeds compared to traditional hard drives. This rapid access to information is vital for businesses that require quick retrieval of large datasets. Furthermore, the devices support RAID configurations, which enhances data redundancy and security, protecting critical business information from loss.

Connectivity is another critical aspect of the Dell 6.2 series. It includes multiple USB ports, HDMI outputs, and high-speed Ethernet options, ensuring that users can easily connect to various peripherals and networks. The integration of Wi-Fi 6 technology enables faster wireless connections, resulting in improved internet speeds and bandwidth efficiency, which is crucial in today’s increasingly connected workplaces.

Dell has also prioritized security in the 6.2 series. It features enhanced biometric authentication and advanced encryption methods, safeguarding sensitive data from unauthorized access. Additionally, the system's BIOS protection and automatic updates provide an added layer of security, ensuring that the device remains safe from emerging threats.

The design of the Dell 6.2 is not only sleek and modern but also built for durability. Its robust chassis is engineered to withstand the rigors of daily use, making it suitable for various business environments. This durability ensures that the investment in Dell 6.2 will last for years while maintaining performance integrity.

In summary, the Dell 6.2 series embodies a blend of speed, storage efficiency, connectivity, and security, making it a top choice for enterprises looking to enhance their computing capabilities. With its modern features and durable design, Dell 6.2 is positioned as a reliable partner in driving business success.