IPSec tunnel | The IPSec connection to securely link two private parties across |
| insecure and public channels. |
|
|
IPSec with | Dynamic DNS can be run on the IPSec endpoints thereby creating an |
Dynamic DNS | IPSec tunnel using dynamic IP addresses. |
|
|
IKE | IKE is a profile of ISAKMP that is for use by IPsec. It is often called |
| simply IKE. IKE creates a private, authenticated key management |
| channel. Using that channel, two peers can communicate, arranging |
| for sessions keys to be generated for AH, ESP or IPcomp. The |
| channel is used for the peers to agree on the encryption, authentication |
| and compression algorithms that will be used. The traffic to which the |
| policies will applied is also agreed upon. |
|
|
ISAKMP | ISAKMP is a framework for doing Security Association Key |
| Management. It can, in theory, be used to produce session keys for |
| many different systems, not just IPsec. |
|
|
Key lifetimes | The length of time before keys are renegotiated. |
|
|
LAN | Local Area Network. |
|
|
LED | |
|
|
Local Private Key | The private part of the public/private key pair of the certificate resides |
Certificate & | on the CyberGuard SG appliance. The passphrase is a key that can be |
Passphrase | used to lock and unlock the information in the private key certificate. |
|
|
Local Public Key | The public part of the public/private key pair of the certificate resides on |
Certificate | the CyberGuard SG appliance and is used to authenticate against the |
| CA certificate. |
|
|
MAC address | The hardware address of an Ethernet interface. It is a |
| usually written as a series of 6 hexadecimal octets, e.g. |
| 00:d0:cf:00:5b:da. A CyberGuard SG appliance has a MAC address for |
| each Ethernet interface. These are listed on a label on the underneath |
| of the device. |
|
|
Main Mode | This Phase 1 keying mode automatically exchanges encryption and |
| authentication keys and protects the identities of the parties attempting |
| to establish the tunnel. |
|
|
Manual Keying | This type of keying requires the encryption and authentication keys to |
| be specified. |
|
|
Manual Keys | Predetermined encryption and authentication keys used to establish the |
| tunnel. |
|
|
Masquerade | The process when a gateway on a local network modifies outgoing |
| packets by replacing the source address of the packets with its own IP |
| address. All IP traffic originating from the local network appears to |
| come from the gateway itself and not the machines on the local |
| network. |
|
|
MD5 | Message Digest Algorithm Five is a 128 bit hash. It is one of two |
| message digest algorithms available in IPSec. |
|
|
