P2P 應用服務課程 Private P2P 服務簡介 2010 All rights reserved. No part of this...
56
P2P 應應應應應應 Private P2P 應應應應 2010 All rights reserved. No part of this publication and file may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission. 應應應應應應應應應應應應應應應應應應應應應應應 應應應 應應應應應應應應應
P2P 應用服務課程 Private P2P 服務簡介 2010 All rights reserved. No part of this publication and file may be reproduced, stored in a retrieval system, or transmitted
P2P Private P2P 2010 All rights reserved. No part of this
publication and file may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, electronic,
mechanical, photocopying, recording or otherwise, without prior
written permission.
ISAKMP SA Establishment 12 From:
http://docs.hp.com/en/J4256-90003/ch01s04.html ISAKMP Phase One
(Main Mode, MM) Negotiate and establish an ISAKMP SA, a secure
communication channel for further communication by generating a
Diffe-Hellman shared value as the base for a symmetric (shared)
key. Verify the remote system's identity (primary authentication)
ISAKMP Phase Two (Quick Mode, QM) Negotiate two SAs for IPSec
transforms (AH or ESP): one for inbound and one for outbound
traffic.
Primary Authentication Preshared keys: A preshared key is
manually configured on both systems and is used for authentication
only. Digital Signatures: Digital signatures are based on security
certificates, and are managed using a Public Key Infrastructure
(PKI) consisting of CAs (Certificate Authorities). 14 From:
http://docs.hp.com/en/J4256-90003/ch01s04.html