IPSec 网络安全策略
1.IPSec概述:所提供的功能:1、在开始传送信息之前,两边会彼此验证对方的身份。2、承认数据是不是在传输过程中被截获并被修改过,承认信息的完整性。3、将传送的信息加密。在传输之前两台计算机先洽谈出一个结果—SA(安全相关),就好象一份合同书。其间包括用来验证身份与信息加密的密钥、安全通信协议、SPI(安全参数索引)等信息,两边按其内容通信。洽谈的方法是标准的IKE(密钥交换)。实现后就可以通信了。(1. IPSec overview: Provided functions: 1. Before starting to transmit information, both sides will verify each other's identity. 2. Acknowledge whether the data has been intercepted and modified during transmission, and acknowledge the integrity of the information. 3. Encrypt the transmitted information. Before the transmission, the two computers negotiate a result - SA (safety related), just like a contract. It includes the key used to verify identity and information encryption, secure communication protocol, SPI (Security Parameter Index) and other information, and the two sides communicate according to their content. The method of negotiation is standard IKE (Key Exchange). After the implementation can communicate.)
页:
[1]