Avaya Configuring Data Encryption Services Manuel d'utilisateur télécharger pdf (Page 32)

Configuring Data Encryption Services

3-2

303520-A Rev. 00

Starting Encryption

To enable Bay Networks data encryption on your network, you must:

Create the seeds that the randon number generator (RNG) uses as source

values for the node protection keys (NPKs) and long-term shared secrets

(LTSSs).

Create an NPK for each secure router.

Create an LTSS for each secure line or interface.

Enter an NPK on each secure router using the console interface.

Create the seeds that are source values for Traffic Encryption Keys (TEKs).

Enter the NPK in the PPP or frame relay Node Protection Key parameter.

Enter the LTSS in the PPP or frame relay and LTSS Value parameters.

You can also customize encryption by editing the PPP or frame relay encryption

parameters, as well as the WEP line and interface parameters.

Creating Seeds

From the management console (a PC or UNIX workstation) on which you have

installed Site Manager, you create two seeds to initialize the RNG that generates

keys. Site Manager 6.00 or higher includes software that enables you to create

these seeds.

Site Manager for the PC includes an environment variable that defines the location

where the files that will contain the NPKs and LTSSs reside. On a UNIX platform,

you must set this path.

From the Technician Interface, you create one seed for the NPK for each router.

The following sections provide information about creating seeds for the NPKs and

LTSSs. The section “

Creating TEKs,” later in this chapter, describes how to create

the seed for a TEK.

1 2 ... 27 28 29 30 31 32 33 34 35 36 37 ... 69 70

Pas de commentaire

Avaya Configuring Data Encryption Services Manuel d'utilisateur Page 32