TMS zl Management and Configuration Guide ST.1.1.100226
Glossary
IPsec certificate See certificate.
IPsec encapsulation The process by which an AH or ESP header is added to a packet to be sent over
an IPsec VPN.
IPsec policy The policy that the TMS zl Module uses to carry out IKE phase 2 when
negotiating an IPsec SA.
IPsec proposal This is the TMS zl Module's equivalent of a transform set, which is the
combination of security protocols, algorithms, and other settings applied to IPsec
VPN traffic.
IPsec remote access server See IRAS.
IPsec SA An SA established with IPsec. See also VPN tunnel.
IPSecuritas A VPN client for Mac OS X.
IRAS IPsec Remote Access Server. The device that provides access to the target VPN
network. An IRAS is also known as a security gateway.
ISAKMP Internet Security Association and Key Management Protocol. The protocol
that defines the procedures for authenticating peers, creating and managing
security associations (SAs), key generation techniques, and threat mitigation.
ISN Initial Sequence Number. Negotiated in the first 2 steps of the 3-way
handshake, an ISN is the number given to the first packet in a TCP session.
K
key In cryptography, a key is a unique value or string of text that is used to encrypt
data when that data is run through an encryption or hash algorithm. To decrypt
or dehash the data, a device must apply the correct key to the encrypted data.
The length of a key generally determines how difficult it will be to decrypt the
data. Keys can be either symmetric or asymmetric.
key exchange method The method used to generate the keys used to negotiate an IPsec SA, either IKE
or manual keying.
key exchange mode The mode used to initiate IKE. The two exchange modes are Main mode and
Aggressive mode. Also known as IKE mode.