Manualshelf

HP-UX IPSec A.03.02.02 Release Notes HP-UX 11i version 3 (766158-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
12345678910
2 New and changed features
New and changed features in A.03.02.02
HP-UX-IP Sec A.03.02.02 release adheres with RFC4868 to support HMAC-SHA-256,
HMAC-SHA-384, and HMAC-SHA-512 both for IKE and ESP (Encapsulating Security Payload). It
also supports the new encryption algorithms AES-CBC-192 and AES-CBC-256 along with the
currently supported AES-CBC-128 transforms that exist in A.03.01.01 version (RFC3602).
HP-UX IPSec A.03.02.02 has a dependency on PHNE_43412 patch.
The A.03.02.02 release of HP-UX IPSec introduces the following changes:
IKE new algorithms support
HP-UX IPSec A.03.02.02 version supports the following IKE transforms in addition to the currently
supported transforms in A.03.01.01 version:
IKEv1
Authentication Algorithms: SHA2-256, SHA2-384, and SHA2-512
Encryption Algorithms: AES192-CBC and AES256-CBC
IKEv2
Authentication Algorithms: HMAC-SHA2-256, HMAC-SHA2-384, and HMAC-SHA2-512
Encryption Algorithms: AES192-CBC and AES256-CBC
ESP new algorithm support
HP-UX IPSec A.03.02.02 version supports the following ESP transforms along with the currently
supported transforms in A.03.01.01 version.
ESP
Authentication Algorithms: HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512
Encryption Algorithms: AES-CBC-192, AES-CBC-256
Ipsec_config
Ipsec_config command is enhanced to support and configure the newly introduced IKE and
ESP algorithms.
Ipsec_report
Ipsec_report command is enhanced to display the associations formed with newly introduced
transforms for both Phase1 and Phase2.
New and changed features in A.03.01.01
The A.03.01.01 release of HP-UX IPSec introduces the following changes:
Revised requirement for OpenSSL software
HP-UX IPSec now requires version A.00.09.08q or later. For more information, see “Software
requirements (page 19).
IKE support for D-H group 24
HP-UX IPSec now supports the Diffie-Hellman (D-H) group having Transform ID 24 for IKE. The
group is used with the IKE protocol to provide security for Internet communications. The IKE
New and changed features in A.03.02.02 7