Avaya 3.7 User Manual Page 313
- Page / 326
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Issue 4 May 2005 313
Glossary
A
Aggressive mode An IKE mechanism used in the first phase of establishing a security
association. Aggressive mode accomplishes the same authentication
negotiating goal between clients as Main mode but faster (three packets versus
six).
AH/ESP In an IPSec packet, the Authentication Header (AH) and Encapsulation Security
Payload (ESP) header. IKE VPNs authenticate IP packets using either an ESP
header as defined in draft-ietf-ipsec-esp-v2-03.txt, or AH as defined in IETF
draft-ietf-ipsec-auth-header-04.txt.
Alarms When a security gateway in the VPN reports an alarm condition, details about
the alarm including type, timestamp, and the originating security gateway can
be found in the VPNmanager main screen Alarm pane.
Authentication Generic
The process of ensuring that the data received is the same data that was sent
from the source.
Local
Local Authentication is used in non-dynamic VPNs (VPNs not using RADIUS or
a directory server (LDAP) as the authentication database). Here, the user is
authenticated from the database stored in the security gateway’s flash memory.
RADIUS
RADIUS Authentication uses an external RADIUS server and database for user
authentication.
LDAP
LDAP Authentication uses the designated directory server database for user
authentication.
B
Brute Force Attack A hack attack that attempts to recover a cryptographic key by trying all
reasonable possibilities.
C
CCD Client Configuration Download. The protocol used to download the VPN
session parameter configuration file from the security gateway to the remote
client as part of a successful authentication when the security gateway is
configured for Local Authentication.
- Release 3.7 1
- WARNING: 3
- Contents 5
- What Products are Covered 15
- VPNmanager Overview 15
- Intranet and Extranet Support 16
- Secure VPN Configuration 16
- No Special Consoles Required 16
- Related Documentation 17
- How This Book Is Organized 17
- Contacting Technical Support 19
- Security gateways 21
- VPNremote Client software 22
- VPNmanager software 22
- Issue 4 May 2005 23 23
- Security gateway 24
- Issue 4 May 2005 25 25
- IP groups 26
- Remote users and user groups 26
- Security policies 27
- Overview of implementation 28
- Additional features 29
- Client IP address pooling 30
- SSL for Directory Server 30
- 11. Configure firewall rules 31
- Chapter 2: Using VPNmanager 33
- To add an administrator 34
- Add a policy server 35
- Navigating the main window 36
- File menu 37
- Using VPNmanager 38
- Edit menu 39
- View menu 39
- Tools menu 40
- Help menu 40
- VPN view pane 42
- Tiled View 43
- Tree View 43
- Configuration Console window 44
- Update Devices 47
- Preferences 48
- Dyna Policy Defaults (User) 49
- Dyna Policy Defaults (Global) 49
- Dyna Policy Authentication 50
- Remote Client 51
- Alarm/Monitoring 52
- Issue 4 May 2005 53 53
- New VPN Domain 55
- Setting up the network 56
- Issue 4 May 2005 57 57
- Issue 4 May 2005 59 59
- General tab 60
- Issue 4 May 2005 61 61
- Issue 4 May 2005 63 63
- To add a DNS Relay 64
- To add a static DNS server 65
- To add a DNS server address 65
- Interfaces tab 66
- Issue 4 May 2005 67 67
- Issue 4 May 2005 69 69
- Static addressing 70
- DHCP addressing 70
- Local DHCP Server 71
- DHCP Relay 73
- Changing network interfaces 73
- Issue 4 May 2005 75 75
- Private port tab 76
- Issue 4 May 2005 77 77
- Device users tab 79
- Network Object tab 80
- Issue 4 May 2005 81 81
- Issue 4 May 2005 83 83
- To build a RIP table: 84
- Policies tab, NAT services 85
- Configuring NAT (VPNos 4.31) 86
- To edit a NAT rule 87
- To delete a NAT rule 87
- About NAT types for VPNos 3.X 88
- Issue 4 May 2005 89 89
- Issue 4 May 2005 91 91
- Interface for VPNos 4.2 93
- Original 94
- Tunnel NAT rules 95
- To add a tunnel NAT rule: 96
- About IP Groups 97
- New IP Group 98
- IP Group - General tab 98
- Issue 4 May 2005 99 99
- Add IP Group member 100
- Configuring an IP Group 101
- Configuring IP Groups 102
- Issue 4 May 2005 103 103
- Default client configuration 105
- Using dyna-policy 106
- Issue 4 May 2005 107 107
- Disable split tunneling 108
- Issue 4 May 2005 109 109
- Local authentication 110
- RADIUS authentication 110
- LDAP authentication 110
- Dynamic VPNs (VPNos 3.x) 110
- Remote Client tab 111
- Send Syslog messages. . 112
- Issue 4 May 2005 113 113
- Creating new user object 114
- User - General tab 115
- Memo tab 116
- Dyna-Policy tab 116
- Actions tab 117
- ● Directory Name 118
- ● IP Address 118
- ● DNS Name 118
- ● Email Name (RFC 822) 118
- Issue 4 May 2005 119 119
- Using local authentication 120
- Add Client IP address pool 121
- Add Client DNS 121
- Configuring client attributes 122
- Enforce brand name 123
- RADIUS/ACE Services 124
- Settings 125
- RADIUS concepts 125
- The RADIUS protocol 126
- Add (RADIUS/ACE server) 126
- To add a RADIUS server: 127
- New user group 129
- User Group - General tab 130
- User Group - Memo tab 130
- User Group - Actions tab 131
- Configuring a user group 131
- Configuring user groups 132
- Types of VPN objects 133
- IKE VPNs 134
- VPN packet processing modes 134
- Default VPN policy 135
- Creating a new VPN object 136
- Creating a default VPN 136
- Creating a designated VPN 137
- Using the VPN tabs 138
- Members-Users tab 140
- Members-IP Groups tab 140
- Security (IKE) tab 141
- Configuring VPN objects 142
- Issue 4 May 2005 143 143
- Security (IPSec) 144
- IPSec Proposals 145
- Add IPSec proposal 146
- Issue 4 May 2005 147 147
- VPN configuration 148
- Advanced VPN tab 149
- Configuring a SKIP VPN 150
- Issue 4 May 2005 151 151
- Configuring an IKE VPN 152
- Issue 4 May 2005 153 153
- Issue 4 May 2005 155 155
- Enabling CRL checking 156
- Issue 4 May 2005 157 157
- VPN Object export checklist 159
- Export procedure 160
- Issue 4 May 2005 161 161
- Rekeying a VPN object 162
- Firewall rules set up 163
- Firewall rules 164
- Issue 4 May 2005 165 165
- Device level firewall rules 166
- Issue 4 May 2005 167 167
- Security Gateways and FTP 168
- Firewall templates 169
- Predefined templates 170
- User defined templates 170
- Issue 4 May 2005 171 171
- Services 172
- Device Group 173
- Denial of Service 173
- Establishing security 174
- Voice Over IP 175
- Issue 4 May 2005 177 177
- Add gatekeeper settings 179
- QoS policy and QoS mapping 180
- CAUTION: 181
- To add a QoS policy 182
- Issue 4 May 2005 183 183
- Packet Filtering 184
- What can be filtered 185
- Packet Filtering and NAT 185
- Advanced 186
- Add Packet Filtering Policy 187
- From/Where 188
- To Where 189
- Managing the ACL 190
- Issue 4 May 2005 191 191
- About Differentiated Services 193
- How a VSU marks packets 193
- Types of marking rules 194
- Issue 4 May 2005 195 195
- Packet filtering firewall 196
- Add firewall policy 197
- Device Advanced 199
- Using advanced features 200
- Path MTU Discovery 201
- NAT Traversal 203
- To change the port number: 204
- Send Device Names 205
- Tunnel Persistence 207
- TEP Policy 209
- Servers 210
- Managing the server list 211
- Resilient Tunnel 212
- Tunnel Switching 213
- Creating a resilient tunnel 214
- Add resilient tunnel 215
- Primary end-point service 217
- Secondary end-point service 217
- Failover TEP 218
- Advanced Action 219
- Switch Flash 220
- Reset password 220
- Disable FIPS 220
- High Availability 221
- Virtual addresses 222
- Issue 4 May 2005 223 223
- Configuring high availability 224
- To update HA VSUs: 225
- Failover 226
- To configure failover: 227
- Failover reconnect 229
- Issue 4 May 2005 231 231
- Keep Alive 232
- To configure keep alive: 233
- About VSU certificates 234
- Issue 4 May 2005 235 235
- To switch certificates: 237
- Issuer certificates 238
- Issue 4 May 2005 239 239
- IKE Certificate Usage 240
- Issue 4 May 2005 241 241
- Issue 4 May 2005 243 243
- Issue 4 May 2005 245 245
- To add SNMP trap targets 246
- VPN active sessions 247
- Syslog Services 248
- Add Syslog Policy 249
- Using Monitor 250
- Issue 4 May 2005 251 251
- Monitoring your network 252
- Issue 4 May 2005 253 253
- Issue 4 May 2005 255 255
- Issue 4 May 2005 257 257
- Issue 4 May 2005 259 259
- Issue 4 May 2005 261 261
- Issue 4 May 2005 263 263
- Issue 4 May 2005 265 265
- Define Custom 267
- Monitoring alarms 268
- Alarm Types 269
- Report Wizard 270
- Issue 4 May 2005 271 271
- Generating the report 272
- Device diagnostics 273
- Using the Management tab 275
- To set up SSH or Telnet 276
- Using the Connectivity tab 277
- Check connectivity by ping 278
- Using the Device Actions tab 279
- Update Configuration 280
- Reset Device Time 280
- Reboot Device 280
- Re-setup Device 281
- Import Device Configuration 281
- Ethernet Speed 282
- Redundancy 283
- Export VPN 284
- Exporting RADIUS 285
- Device management 286
- Issue 4 May 2005 287 287
- Device - Upgrade tab 288
- Issue 4 May 2005 289 289
- License 290
- Encryption Strength 291
- Remote Access (VSU-100 Only) 291
- Issue 4 May 2005 293 293
- Solaris OS Computers 295
- Issue 4 May 2005 297 297
- Firewall rules template 298
- Issue 4 May 2005 299 299
- Issue 4 May 2005 301 301
- Issue 4 May 2005 303 303
- Issue 4 May 2005 305 305
- Issue 4 May 2005 307 307
- DMZ zone firewall templates 309
- Management zone security 311
- Glossary 313
- Certificate Authority 314
- Issuer Certificates 315
- Issue 4 May 2005 315 315
- Signing Certificates 317
- Issue 4 May 2005 317 317
- Numerical 319
Related products and manuals for Hardware Avaya 3.7
Hardware Avaya CA40 User Manual
(2 pages)
(2 pages)
© 2020, manymanuals.com. All rights reserved. | 0.211 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals