Cisco Cisco IOS Software Release 12.4(2)T Fascicule
© 2008 Cisco Systems, Inc. All rights reserved.
21
Group Encrypted Transport VPN
(GET VPN) Enhancements
(GET VPN) Enhancements
Feature
Benefit
Passive Security Association (SA)
Allows group member routers
to modify the SA's downloaded from
the key server; Enables transitions in
large scale deployments
to modify the SA's downloaded from
the key server; Enables transitions in
large scale deployments
Fail-Close
Prevents GET VPN group member
routers from sending out packets in the
routers from sending out packets in the
clear
Change Key Server Role
Allows a manual start to the election
process of the primary key server
process of the primary key server
Cooperative Key Servers : Sharing
Keys
Keys
Optimizes the number of rekeys that
are sent in the event of a network split,
allowing the network to stabilize
rapidly
are sent in the event of a network split,
allowing the network to stabilize
rapidly
Re-key from Secondary on Merge
Reduces communications burden of
the primary key server
the primary key server
Cisco IOS
Security