Pfs | Kyocera Multifunctional Printer specification

COMMAND CENTER Pages

Advanced > Security > IPSec > Rule1 (to Rule3)

These pages allow you to select or edit rules to use for IPSec protocol-based communication.

Item	Description

Rule	Specifies whether or not to enable the selected IPSec policy
	rule. Select On to enable the rule. Select Off to disable it.

Key Exchange	When using IKE phase1, a secure connection with the other
(IKE phase1)	end is established by generating ISAKMP SAs. Configure the
	following items so that they meet the requirement of the other
	end.

Policy	Main Mode protects identifications but requires more
	messages to be exchanged with the other end. Aggressive
	Mode requires fewer messages to be exchanged with the
	other end than Main Mode but restricts identification
	protection and narrows the extent of the parameter
	negotiations. When Aggressive Mode is selected and Pre-
	shared is selected for Authentication Type, only host
	addresses can be specified for IP addresses of the rule.

Hash	Selects the hash algorithm.

Encryption	Selects the encryption algorithm.

Diffie-	The Diffie-Hellman key-sharing algorithm allows two hosts on
Hellman	an unsecured network to share a private key securely. Select
Group	the Diffie-Hellman group to use for key sharing.

Lifetime	Specifies the lifetime of an ISAKMP SA in seconds.
(Time)

Data Protection (IKE phase2)

In IKE phase2, IPSec SAs such as AH or ESP are established by using SAs established in IKE phase1. Configure the following items so that they meet the requirement of the other end.

Protocol	Select ESP or AH for the protocol. ESP protects the privacy
	and integrity of the packet contents. Select the hash algorithm
	and encryption algorithm below. AH protects the integrity of
	the packet contents using encryption checksum. Select the
	hash algorithm below.

Hash	Selects the hash algorithm.

Encryption	Selects the encryption algorithm. (When ESP is selected
	under Protocol.)

PFS	When PFS is set to On (enabled), even if a key is decrypted,
	the decrypted key cannot be used to decrypt the other keys
	generated after the decryption. This improves the safety, but
	imposes a heavy burden because of more key-generation
	processes.

Diffie-

Hellman

Group

The Diffie-Hellman key-sharing algorithm allows two hosts on an unsecured network to share a private key securely. Select the Diffie-Hellman group to use for key sharing.

48	KYOCERA COMMAND CENTER

Image 52

Kyocera Multifunctional Printer manual Advanced Security IPSec Rule1 to Rule3, Pfs

Contents

Command Center Legal and General Information Table of Contents Page Using Command Center System RequirementsProtocol Web browser Accessing Command Center Admin passwordAuthentication Encryption Start Start Start Start Status Pages Description NetworkGeneral Snmp Start Links Start InformationFAX Basic Defaults Network BootpBasic Dhcp Basic Defaults Time UTC/GMT Basic Defaults Reset Basic Defaults Device Defaults RAM Disk Mode RAM Disk SizeFile Name Additional Basic Security Account Settings Basic Security Device Security General Basic Security Device Security Interface Block Basic Security User Login Basic Security Device Security Network SecuritySSL, Http HTTPS, FTP Basic Security Certificates Printer Printer Summary of Network Printer Access Methods Printer System Printer System APL. Filter Parameters Printer System APL. FilterPrinter Media Input Scanner Scanner DefaultsPrinter Document Output Command Center Pages FAX / i-FAXScanner FTP Scanner SMB FAX / i-FAX Common Receive FAX / i-FAX Common DefaultsFAX / i-FAX Common RX/Forward Requirements General Enable Time Use Requirements ListAll Name Print ForwardSeparate Number Destination List Save to FAX BoxName Status SMB FAX / i-FAX FAX Defaults Click Import Contacts or Import Groups FAX / i-FAX FAX Receive FAX / i-FAX FAX TransmitFAX / i-FAX FAX FAX Restrictions General FAX / i-FAX FAX FAX Restrictions Permit Number List FAX / i-FAX FAX FAX Restrictions Permit ID ListFAX / i-FAX FAX FAX Restrictions Reject Number List FAX / i-FAX FAX Encryption Key FAX / i-FAX i-FAX Smtp FAX / i-FAX i-FAX POP3 POP3 Jobs FAX / i-FAX i-FAX Domain Restrictions GeneralFAX / i-FAX i-FAX Domain Restrictions Smtp Restriction List FAX / i-FAX i-FAX Domain Restrictions POP3 Restriction List Document Box Document Box Custom Box Document Box FAX Box Editing a FAX Box Advanced Document Box Polling Box DNS Advanced Protocols TCP/IP GeneralWins Advanced Protocols TCP/IP IP Filters Advanced Protocols TCP/IP Logical Printers Advanced Protocols Netware Start of JobString End of Job Enables or disables IPP Advanced Protocols IPPAdvanced Protocols AppleTalk IPP Advanced Protocols NetBEUI Advanced E-mail Smtp GeneralNetBEUI Workgroup Advanced E-mail Smtp E-mail Recipient # Advanced E-mail POP3 General Advanced E-mail POP3 User # Name Login Password Use ApopAdvanced Management Snmp SNMPv1/v2c Write Community Advanced Management Snmp SNMPv3 Advanced Management Authentication Enables or disables access to the Ldap serverAdvanced Management Ldap Ldap Advanced Management Maintenance Domain NameHost Name Server Type Advanced Security Secure Protocols Advanced Security IEEE802.1xSSL Https Advanced Security IPSec General Advanced Security IPSec Rule1 to Rule3 PFS Lifetime MeasureMent Lifetime Time Advanced Set to Secure Https Security Secure Symptom Check Items Corrective ActionSecure HTTPS? Symptom Check Items Corrective Action Reference Center Command CENTER?Page Page Rev .7W