Enterasys Networks CSX6000 Mode D'Emploi
C
ONFIGURING
E
NCRYPTION
O
VERVIEW
The CyberSWITCH encryption option provides 56-bit data encryption through two different
implementations:
•
implementations:
•
IP (or Network Layer) Security
•
PPP (or Link Layer) Encryption
These implementations use the Data Encryption Standard (DES) algorithm. DES provides data
security for transmissions over the WAN between encryption devices, either through PPP or frame
relay connections, or over unprotected media, such as the Internet.
security for transmissions over the WAN between encryption devices, either through PPP or frame
relay connections, or over unprotected media, such as the Internet.
If you have purchased the CyberSWITCH encryption option, you will need to properly configure
the feature to make it operational. This involves configuring the following through CFGEDIT:
•
the feature to make it operational. This involves configuring the following through CFGEDIT:
•
An encryption adapter (through Resources)
•
Security Associations and/or Authentication Headers (through Options). These are for IP secu-
rity only.
rity only.
•
Link Layer Encryption parameters (through Security). These are for PPP Encryption only.
Note:
If you have an existing CyberSWITCH without encryption, you may upgrade to an
encrypted system. To do this, you must install the proper adapter and encryption-capable
software, then configure the encryption parameters. However, take note that this is a one-
way process! (You cannot “downgrade” an encryption-capable system to a non-
encryption software release).
encrypted system. To do this, you must install the proper adapter and encryption-capable
software, then configure the encryption parameters. However, take note that this is a one-
way process! (You cannot “downgrade” an encryption-capable system to a non-
encryption software release).
If CyberSWITCH encryption is new to you, we suggest you review the
and
sections before attempting configuration. Then continue with the following
configuration process.
C
ONFIGURATION
C
ONFIGURING
AN
E
NCRYPTION
ADAPTER
U
SING
CFGEDIT
1.
From the CFGEDIT Main Menu, select Physical Resources.
2.
Select Resource.
3.
Select Add a Resource.
4.
From the list of resource types, choose DES_RSA.
5.
Identify the slot number containing the added encryption adapter.
Note:
Only one encryption adapter is allowed per system.
U
SING
M
ANAGE
M
ODE
You may not add an encryption adapter via Manage Mode.