Billion Electric Company BiGuard 30 User Manual

Page 165


encryption, and is more vulnerable to Denial of Service attacks.

Phase II, known as Quick Mode, establishes a pair of IPSec Security Associations
(one per direction) for AH and ESP. It does this by negotiating the IPSec parameters,
exchanging nonces to derive session keys from the IKE shared secret, optionally
exchanging DH values to generate a new key (Perfect Forward Secrecy), and identifying
which traffic this SA bundle will protect using selectors (IDi and IDr payloads).
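As an added example (not code from the BiGuard manual), the following Python reproduces the Quick Mode keying-material derivation defined in RFC 2409 section 5.5, showing how the nonces, the SPI and the optional PFS Diffie-Hellman value feed the per-SA keys; SKEYID_d, the nonces, the SPIs and the DH secret are constructed sample values.

```python
import hmac
import hashlib

# IKEv1 Quick Mode KEYMAT derivation (RFC 2409, section 5.5):
#   K1 = prf(SKEYID_d, [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b)
#   Kn = prf(SKEYID_d, K(n-1) | [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b)
#   KEYMAT = K1 | K2 | ...   (truncated to the key length the SA needs)
# g(qm)^xy is present only when PFS was negotiated (a fresh DH exchange).

PROTO_AH = b"\x02"   # IPsec DOI protocol ids (RFC 2407): AH = 2, ESP = 3
PROTO_ESP = b"\x03"


def quick_mode_keymat(skeyid_d, protocol, spi, ni, nr, length, gxy=None):
    """Derive `length` bytes of KEYMAT for one IPsec SA, HMAC-SHA1 as prf."""
    seed = (gxy or b"") + protocol + spi + ni + nr
    keymat = b""
    prev = b""  # K(n-1); empty for the first block
    while len(keymat) < length:
        prev = hmac.new(skeyid_d, prev + seed, hashlib.sha1).digest()
        keymat += prev
    return keymat[:length]


def demo():
    """Contrast Quick Mode with and without PFS on constructed values."""
    skeyid_d = bytes(range(20))          # Phase 1 derivation secret
    ni, nr = b"\x01" * 16, b"\x02" * 16  # Quick Mode nonces (constructed)
    spi_in = b"\xaa\xbb\xcc\xdd"         # SPI of the inbound ESP SA (constructed)
    gxy = b"\x07" * 32                   # fresh DH secret, present only with PFS
    key_no_pfs = quick_mode_keymat(skeyid_d, PROTO_ESP, spi_in, ni, nr, 36)
    key_pfs = quick_mode_keymat(skeyid_d, PROTO_ESP, spi_in, ni, nr, 36, gxy)
    # Someone who later recovers the Phase 1 state (SKEYID_d plus the decrypted
    # Quick Mode messages carrying nonces and SPIs) can rebuild the non-PFS
    # keys; the PFS keys additionally require the ephemeral DH secret, which
    # is discarded after the exchange.
    rebuilt = quick_mode_keymat(skeyid_d, PROTO_ESP, spi_in, ni, nr, 36)
    return {
        "without_pfs_recomputed": rebuilt == key_no_pfs,
        "with_pfs_recomputed": rebuilt == key_pfs,
    }
```

Each direction of the SA pair uses its own SPI, so the same call with the outbound SPI yields a second, unrelated key block.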

The following is an illustration on how data is handled with IKE:

[Figure: IKE data flow. Start -> Phase 1 (Main Mode or Aggressive Mode): Negotiate ISAKMP SA, Mutual Authentication -> Phase 2 (Quick Mode with PFS or Quick Mode without PFS): Negotiate SAs for AH and ESP -> Protected Data Transfer -> New IPSec tunnel or Rekeying]
