Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Security Policy is apply at many places:

within the Router (via the inter-node-security property),
within a Service ,
within a Network Interface, and
within an Adjacency


HMAC Cipher:  HMAC to authenticate the source IKE-2

Encryption Cipher:  AES or Advanced Encryption Standard CBC and GCM



Configure Security Policies

Configuration > Authority

ADD Security Policies

Name: aes1

HMAC Cipher:    sha256-128

Encryption Cipher: aes-cbc-128

Adaptive Encryption: False



VALIDATE and COMMIT

Apply Security Policy

Configuration > Authority > Routers: seabo1 > Node: node1 > Device Interface: mpls1 > Network Interface: mpls1 > address: 10.0.128.1

SET  Security Policy: aes1



Configuration > Authority > Routers: bosdc1 > Node: node1 > Device Interface: mpls1 > Network Interface: mpls1 > address: 10.0.128.1

SET  Security Policy: aes1


VALIDATE and COMMIT

Configure and Apply a Security Policy to Encrypt your Payload

Configuration > Authority

ADD Security Policies

Name: encryption_only

Encryption Cipher:   aes-cbc-256

HMAC Mode: disabled

Apply

Configuration > Authority > Service: webserver

SET Security Policy: encryption_only


VALIDATE and COMMIT

...