Security Policy is apply at many places:
within the Router (via the inter-node-security property),
within a Service ,
within a Network Interface, and
within an Adjacency
HMAC Cipher: HMAC to authenticate the source IKE-2
Encryption Cipher: AES or Advanced Encryption Standard CBC and GCM
Configure Security Policies | |
---|---|
Configuration > Authority ADD Security Policies Name: aes1 HMAC Cipher: sha256-128 Encryption Cipher: aes-cbc-128 Adaptive Encryption: False | |
VALIDATE and COMMIT | |
Apply Security Policy | |
Configuration > Authority > Routers: seabo1 > Node: node1 > Device Interface: mpls1 > Network Interface: mpls1 > address: 10.0.128.1 SET Security Policy: aes1 | |
Configuration > Authority > Routers: bosdc1 > Node: node1 > Device Interface: mpls1 > Network Interface: mpls1 > address: 10.0.128.1 SET Security Policy: aes1 | |
VALIDATE and COMMIT | |
Configure and Apply a Security Policy to Encrypt your Payload | |
Configuration > Authority ADD Security Policies Name: encryption_only Encryption Cipher: aes-cbc-256 HMAC Mode: disabled | |
Apply | Configuration > Authority > Service: webserver SET Security Policy: encryption_only |
VALIDATE and COMMIT |
...