Multi-protocol tunneling and encryption – Vanguard Managed Solutions Vanguard 342 User Manual

1-8

About the Vanguard 342

Target Applications

Standard-based Tunneling and Encryption for IP Traffic

IPSec

IPSec is the predominant tunneling and security standard for IP Networks. It defines
protocols required for site-to-site as well as remote access VPN implementations at
layer 3 of the OSI model. Vanguard Applications Ware release 5.5 and greater
supports these IPSec features:

• Authentication Header (AH) and Encapsulating Security Payload (ESP) for

user authentication and encryption.

• Internet Key Exchange (IKE) using preshared keys for key management.

• Message Digest (MD5) and Secure Hashing Algorithm-1 (SHA-1) for data

integrity.

• ISAKMP supports DES, Triple-DES and AES

• ESP support DES, Triple-DES and AES

Note

ISAKMP and ESP support is available with the ECC DIMM.

Multi-protocol Tunneling and Encryption

General Router
Encryption (GRE)

Whereas IPSec can only tunnel IP traffic over IP Networks, GRE tunneling is a
Layer 2 protocol that can tunnel multi-protocol traffic over IP Networks. This
enables the Vanguard to tunnel and encrypt IP, IPX, and other bridge data.

DES and Triple-DES (112-bit) are used as encryption algorithms and the fast and
efficient SAM proprietary key exchange protocol is used for key management.
Integrity Check Character (ICC) establishes data integrity when the SAM protocol is
implemented.