
Configuring Data Encryption Services
3-2 117386-A Rev. A
Starting Encryption
To use Bay Networks data encryption on your network, you must:
1. Create the seeds that the RNG uses as source values for the NPKs and LTSSs.
2. Create an NPK for each secure router.
3. Create an LTSS for each secure line or interface.
4. Enter an NPK on each secure router via the console interface.
5. Create the seeds that are source values for TEKs.
6. Enter the NPK in the Frame Relay or PPP Node Protection Key parameter.
7. Enter the LTSS in the Frame Relay or PPP LTSS Name and LTSS Value parameters.
You can also customize encryption by editing the Frame Relay or PPP encryption
parameters, as well as the WEP line and interface parameters.
Creating Seeds
You create seeds to initialize the RNGs that generate keys, using a PC or UNIX
platform on which you have installed Site Manager.
Site Manager 6.00 includes software that enables you to create these seeds. The
software includes a default length of 128 bits for the LTSS key generator. Site
Manager for the PC also includes an environment variable that defines the
location where the files that will contain the NPKs and LTSSs reside. On a UNIX
platform, you must set this path.
You must create three seeds to use encryption on your network. The RNGs on Site
Manager use two of these seeds to generate random numbers for the NPKs and
LTSSs. The RNG on a secure router uses the third seed to generate a TEK.
The following sections provide information about creating seeds for the NPKs and
LTSSs. The section “Creating TEKs,” later in this chapter, describes how to create
the seed for a TEK.