Security policies – HP H-series Enterprise Fabric Management Suite Software User Manual


104 Managing Switches

Security policies

A security policy defines the following parameters:

• Connection source and destination
• Data traffic direction: inbound or outbound
• Protocols for which to protect data traffic
• Security protocols: Authentication Header (AH) or Encapsulating Security Payload (ESP)
• Level of protection: IP Security, discard, or none

Policies can define security for host-to-host, host-to-gateway, and gateway-to-gateway connections; one policy for each direction. For example, to secure the connection between two hosts, you need two policies: one for outbound traffic from the source to the destination, and another for inbound traffic to the source from the destination. You can specify sources and destinations by IP addresses (version 4 or 6) or DNS host names. If a host name resolves to more than one IP address, the switch creates the necessary policies and associations. You can recognize these dynamic policies and associations because their names begin with DynamicSP_ and DynamicSA_ respectively.

You can apply IP security to all communication between two systems, or to select protocols, such as ICMP, TCP, or UDP. Furthermore, instead of applying IP security, you can choose to discard all inbound or outbound traffic, or allow all traffic without encryption. Both the AH and ESP security protocols provide source authentication, ensure data integrity, and protect against replay.
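
The one-policy-per-direction rule above can be checked mechanically. The following is an added example, not part of the manual or the product: it audits a list of policies for IP Security policies that lack a counterpart in the opposite direction, and lists policies that allow unencrypted traffic and policies with the DynamicSP_ prefix. The record layout, the action strings ("ipsec", "discard", "none"), the "any" protocol value, and all sample names and addresses are assumptions constructed for illustration.

```python
from collections import namedtuple

# Hypothetical record layout for a policy list; not the switch's own format.
Policy = namedtuple("Policy", "name local remote direction protocol action")

# Constructed sample data (documentation address ranges, made-up names).
SAMPLE = [
    Policy("host_out", "192.0.2.10", "192.0.2.20", "outbound", "tcp", "ipsec"),
    Policy("host_in", "192.0.2.10", "192.0.2.20", "inbound", "tcp", "ipsec"),
    Policy("gw_out", "192.0.2.10", "198.51.100.1", "outbound", "any", "ipsec"),
    Policy("DynamicSP_sample", "192.0.2.10", "203.0.113.5", "inbound", "icmp", "ipsec"),
    Policy("mgmt_clear", "192.0.2.10", "203.0.113.9", "outbound", "udp", "none"),
]

OPPOSITE = {"inbound": "outbound", "outbound": "inbound"}


def covers(q, p):
    """True if policy q protects the reverse direction of policy p."""
    return (q.action == "ipsec"
            and (q.local, q.remote) == (p.local, p.remote)
            and q.direction == OPPOSITE[p.direction]
            and q.protocol in (p.protocol, "any"))


def unpaired(policies):
    """(name, missing direction) for each IPsec policy with no counterpart."""
    return [(p.name, OPPOSITE[p.direction]) for p in policies
            if p.action == "ipsec" and not any(covers(q, p) for q in policies)]


def cleartext(policies):
    """Names of policies that allow traffic without IP security."""
    return [p.name for p in policies if p.action == "none"]


def dynamic(policies):
    """Names of policies carrying the dynamic-policy prefix."""
    return [p.name for p in policies if p.name.startswith("DynamicSP_")]


if __name__ == "__main__":
    print("missing counterpart:", unpaired(SAMPLE))
    print("no encryption:", cleartext(SAMPLE))
    print("dynamic:", dynamic(SAMPLE))
```
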

To create a policy, click Add on the Security Policy Database side of the Create IPsec Configuration dialog box. This opens the Create IPsec Security Policy dialog box (Figure 58). Table 17 describes the fields in the Create IP Security Policy dialog box.

Figure 58 Create IP Security Policy dialog box

Table 17 Create IP Security Policy dialog box fields

Field                   Description
Name                    Name of policy
Description             Description of policy
Source Address          Source port number (1–65535)
Source Prefix Length    Length of prefix in source address
