Ipsec and ike implementation over fcip – Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 996
944
Brocade Network Advisor SAN User Manual
53-1003154-01
IPsec and IKE implementation over FCIP
22
4. Click Advanced Settings.
The Advanced Settings dialog box is displayed. This dialog box has a Transmission tab, Security
tab, and FICON Emulation tab. Configure QoS percentages on the Transmission tab
(
).
FIGURE 428
Advanced Settings Transmission Tab
5. Click the up or down arrows by QoS High, QoS Medium, and QoS Low to increment values by
1% and override the default values of 50% (high), 30% (medium), and 20% (low). The three
values must equal 100%. A minimum of 10% is required for each level.
NOTE
Editing QoS values is a disruptive operation, so a warning message displays when you make
changes.
IPsec and IKE implementation over FCIP
Internet Protocol security (IPsec) uses cryptographic security to ensure private, secure
communications over Internet Protocol networks. IPsec supports network-level data integrity, data
confidentiality, data origin authentication, and replay protection. It helps secure your SAN against
network-based attacks from untrusted computers, attacks that can result in the denial-of-service of
applications, services, or the network, data corruption, and data and user credential theft. IPsec
does not require you to configure separate security for each application that uses TCP/IP.
When configuring for IPsec, however, you must ensure that the same policies are defined in the
switches or blades at each end of the FCIP tunnel. IPsec works on FCIP tunnels with or without
compression, FCIP Fastwrite, and tape acceleration. IPsec can only be created on tunnels using
IPv4 addressing.