Enterasys csx5500 用户指南
USER’S GUIDE
234 CyberSWITCH
7.
Enable the Decryption/Encryption feature. (This selection is a toggle switch).
8.
Configure encryption key implementation:
•
•
If you plan to use the CyberSWITCH’s automated key exchange, enable Proprietary Key Ex-
change. (This selection is a toggle switch.) Then skip to step 11.
change. (This selection is a toggle switch.) Then skip to step 11.
•
If you plan to use manually-configured keys, verify that Proprietary Key Exchange is dis-
abled, and continue with step 9.
abled, and continue with step 9.
9.
Specify an 8-byte (16-hex digits) decryption key. This value is an arbitrary value; however, it
must be the same as the encryption key on the other side of the connection.
must be the same as the encryption key on the other side of the connection.
10. Specify an 8-byte (16-hex digits) encryption key. This value is an arbitrary value; however, it
must be the same as the decryption key on the other side of the connection.
11. Press<RET> to return to the Device Table Menu.
Note:
You may use the same value for both your encryption and decryption keys at a single site.
However, we recommend different values for these keys to provide the utmost security.
However, we recommend different values for these keys to provide the utmost security.
Refer to the Background Information section for a pertinent example of
U
SING
M
ANAGE
M
ODE
Not supported.
E
NCRYPTION
C
ONFIGURATION
E
LEMENTS
R
ESOURCE
T
YPE
The type of adapter (resource) that plugs into the system. In this specific case, you need to specify
the DES/RSA encryption adapter. This adapter is available to U.S. and Canadian markets only.
Export or use in other countries requires appropriate permission from the U.S. Government.
the DES/RSA encryption adapter. This adapter is available to U.S. and Canadian markets only.
Export or use in other countries requires appropriate permission from the U.S. Government.
The DES/RSA adapter implements the Data Encryption Standard algorithm for encryption
purposes, and also includes an RSA chip. (Refer to the
purposes, and also includes an RSA chip. (Refer to the
appendix for adapter
illustrations.)
R
ESOURCE
S
LOT
The slot number in the CyberSWITCH into which the resource is plugged. (Do not use slot 1).
The following elements apply to Network Layer Encryption only:
S
ECURITY
A
SSOCIATION
P
ACKET
D
IRECTION
Specifies whether the security associations refer to outgoing packets, incoming packets, or both.
The default is both. For utmost security, you may want to consider configuring separate security
The default is both. For utmost security, you may want to consider configuring separate security
Device PPP Encryption Menu
1) Decryption/Encryption DISABLED
2) Proprietary Key Exchange DISABLED
3) Decryption key
4) Encryption key
2) Proprietary Key Exchange DISABLED
3) Decryption key
4) Encryption key
Id of parameter to change or <RET> to cancel: