Brocade Web Tools Administrator's Guide (53-0000194-01, November 2006)
7-6 Web Tools Administrator’s Guide
Publication Number: 53-0000194-01
7
Table 7-2 explains the fields and related choices to create an IKE/IPSec policy.
Table 7-2 IKE/IPSec Configuration Choices
Field Description Choices
Policy Type You can create either an IKE policy or an IPSec
policy
IKE
IPSec
Policy Number This parameter helps you keep track of the
number of policies you have created on your
switch. You can choose any number from 1
through 32. You can define up to 32 IKE and 32
IPSec policies per switch.
1 through 32
Encryption Algorithm A mathematical procedure for performing
encryption on data. Through the use of an
algorithm, information is made into meaningless
cipher text and requires the use of a key to
transform the data back into its original form.
3DES
AES-128
AES-256
Authentication Algorithm An encryption process or tool in which the results
of text encryption depend on all relevant
authentication elements.
SHA-1
MD5
AES-XCBC
Perfect Forward Secrecy
(PFS)
In an authenticated key agreement protocol that
uses public key cryptography, PFS is the property
of disclosure of the long-term secret keying
material that is used to derive an agreed ephemeral
key that does not compromise the secrecy of the
agreed keys from earlier runs.
IKE on/off
IPSec disabled
Diffie-Hellman (D-H) Diffie-Hellman key exchange is a cryptographic
protocol that allows two parties that have no prior
knowledge of each other to jointly establish a
shared secret key over an insecure
communications channel. This key can then be
used to encrypt subsequent communications using
a symmetric key cipher
IKE 1 or 14
IPSec disabled
Security Association
Lifetime
This specifies the lifetime in seconds of the
security association and a new key will be
renegotiated before this value expires if PFS is on.
The security association will expire when either
this value or the value lifetime is reached.
Specify the number
of seconds