Avaya Configuring Data Encryption Services User Manual, Page 23

Data Encryption Overview
117386-A Rev. A 1-7

The easiest way to enter the NPK is to use a text editor in read-only mode to
display the contents of the file that contains your NPKs. Examples of editors
include vi or emacs on a UNIX platform and EDIT on a PC. Copy the value of the
appropriate NPK, and paste it into the Technician Interface command line.

Choosing a Secure Shell Password

The Secure Shell password protects all of the secret data in the router that WEP
uses. Select a password of at least 10 to 12 characters. Do not use anything
obvious, like your nickname, family birthdates, or your social security number.
Change this password often and randomly.

Entering the NPK into Site Manager

You also enter the NPK into Site Manager using the Frame Relay or PPP Node
Protection Key parameter. When you enter an NPK, it is visible only until you exit
the Configuration Manager. You must reenter the NPK each time you modify the
security configuration for a router. If you do not enter the NPK exactly as you
entered it when you configured encryption initially, you cannot make changes.

Long-Term Shared Secret (LTSS)

The Long-Term Shared Secret is the source for the Master Encryption Key
(MEK). It consists of 128 to 248 bits of secret data that each end of a secure link
shares. The LTSS resides in the MIB, encrypted by the NPK, which you must
have previously entered into Site Manager. You need a different LTSS for each
circuit that you configure to use encryption.

The key manager uses an RNG to generate LTSSs, and you specify a name for
each of these values. You thereby create a file of LTSS keys and then assign the
same key to each end of a secure circuit.
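
The LTSS rules above (128 to 248 bits, a different LTSS for each circuit, the same LTSS at both ends) can be checked against an assignment plan before it is loaded into the routers. The following is an added example, not part of the manual and not Avaya's key manager: the data layout, key names, router names and circuit names are hypothetical, and it assumes point-to-point circuits with two ends.

```python
import secrets
from collections import defaultdict

MIN_BITS, MAX_BITS = 128, 248  # LTSS size range given in the manual

def new_ltss(bits=MAX_BITS):
    """Hex-encode `bits` of CSPRNG output (stand-in for the key manager's RNG)."""
    if bits % 8 or not MIN_BITS <= bits <= MAX_BITS:
        raise ValueError(f"LTSS must be {MIN_BITS}-{MAX_BITS} bits in whole bytes")
    return secrets.token_hex(bits // 8)

def audit_plan(keys, ends):
    """keys: {ltss_name: hex_value}; ends: [(circuit, router, ltss_name), ...].
    Returns sorted findings; an empty list means the plan follows the rules."""
    findings = []
    names_by_value = defaultdict(list)
    for name, value in keys.items():
        bits = len(value) * 4  # 4 bits per hex digit
        if not MIN_BITS <= bits <= MAX_BITS:
            findings.append(f"{name}: {bits} bits, outside {MIN_BITS}-{MAX_BITS}")
        names_by_value[value].append(name)
    for names in names_by_value.values():
        if len(names) > 1:  # one secret stored under several names
            findings.append(f"{'/'.join(sorted(names))}: identical secret value")
    sides = defaultdict(list)
    for circuit, _router, name in ends:
        sides[circuit].append(name)
    circuits_by_name = defaultdict(set)
    for circuit, names in sides.items():
        if len(names) != 2:  # assumption: point-to-point circuit, two ends
            findings.append(f"{circuit}: {len(names)} end(s) configured, expected 2")
        if len(set(names)) > 1:
            findings.append(f"{circuit}: ends use different LTSSs")
        for name in set(names):
            circuits_by_name[name].add(circuit)
            if name not in keys:
                findings.append(f"{circuit}: {name} is not in the key file")
    for name, circuits in circuits_by_name.items():
        if len(circuits) > 1:  # the manual requires a different LTSS per circuit
            findings.append(f"{name}: reused on {', '.join(sorted(circuits))}")
    return sorted(findings)

# Constructed sample: names, routers and circuits are hypothetical.
KEYS = {"ltss-bos-nyc": new_ltss(), "ltss-bos-chi": new_ltss(128)}
PLAN = [("fr-101", "boston", "ltss-bos-nyc"), ("fr-101", "newyork", "ltss-bos-nyc"),
        ("fr-102", "boston", "ltss-bos-nyc"), ("fr-102", "chicago", "ltss-bos-chi")]

if __name__ == "__main__":
    for finding in audit_plan(KEYS, PLAN):
        print(finding)
```

The findings name only circuits and LTSS names, so the report can be shared without exposing the secret values.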
Note: We recommend that you enter the NPK in each router using a laptop
computer that you attach directly to the router. You should not use a terminal
server to enter the NPK because of security risks.

Note: Store the files of NPKs and LTSSs on removable media, such as floppy
disks, and store that media in a safe place.