Requirements for IPsec Remote Access Scenarios

Kelly, Scott; Ramamoorthi, S.

doi:10.17487/rfc3457

Cited by 3 publications

(11 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Leveraging DHCP for configuration of IPsec tunnel mode meets the basic requirements described in [21]. It also provides the additional capabilities described above.…”

Section: Dhcp Configuration Evaluationmentioning

confidence: 98%

“…As described in [21], the configuration requirements of a host with an IPsec tunnel mode interface include the need to obtain an IPv4 address and other configuration parameters appropriate to the class of host. In addition to meeting the basic requirements [21], the following additional capabilities may be desirable:…”

Section: Ipsec Tunnel Mode Configuration Requirementsmentioning

confidence: 99%

“…In addition to meeting the basic requirements [21], the following additional capabilities may be desirable:…”

Section: Ipsec Tunnel Mode Configuration Requirementsmentioning

confidence: 99%

“…In IPv4, leveraging DHCPv4 [3] for the configuration of IPsec tunnel mode satisfies the basic requirements described in [21].…”

Section: Basic Configurationmentioning

confidence: 99%

“…Since the required configuration parameters described in [21] are a subset of those already supported in DHCPv4 options [4], no new DHCPv4 options are required, and no modifications to DHCPv4 [3] are required.…”

Section: Basic Configurationmentioning

confidence: 99%

See 4 more Smart Citations

Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode

Patel¹,

Aboba²,

Kelly³

et al. 2003

Self Cite

View full text Add to dashboard Cite

show abstract

“…Leveraging DHCP for configuration of IPsec tunnel mode meets the basic requirements described in [21]. It also provides the additional capabilities described above.…”

Section: Dhcp Configuration Evaluationmentioning

confidence: 98%

Section: Ipsec Tunnel Mode Configuration Requirementsmentioning

confidence: 99%

“…In addition to meeting the basic requirements [21], the following additional capabilities may be desirable:…”

Section: Ipsec Tunnel Mode Configuration Requirementsmentioning

confidence: 99%

“…In IPv4, leveraging DHCPv4 [3] for the configuration of IPsec tunnel mode satisfies the basic requirements described in [21].…”

Section: Basic Configurationmentioning

confidence: 99%

Section: Basic Configurationmentioning

confidence: 99%

See 3 more Smart Citations

Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode

Patel¹,

Aboba²,

Kelly³

et al. 2003

Self Cite

View full text Add to dashboard Cite

show abstract

Inter-technology Conflict Analysis for Communication Protection Policies

Basile

Canavese

Lioy

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Usually network administrators implement a protection policy by refining a set of (abstract) communication security requirements into configuration settings for the security controls that will provide the required protection. The refinement consists in evaluating the available technologies that can enforce the policy at node and network level, selecting the most suitable ones, and possibly making fine adjustments, like aggregating several individual channels into a single tunnel. The refinement process is a sensitive task which can lead to incorrect or suboptimal implementations, that in turn affect the overall security, decrease the network throughput and increase the maintenance costs. In literature, several techniques exist that can be used to identify anomalies (i.e. potential incompatibilities and redundancies among policy implementations. However, these techniques usually focus only on a single security technology (e.g. IPsec) and overlook the effects of multiple overlapping protection techniques. This paper presents a novel classification of communication protection policy anomalies and a formal model which is able to detect anomalies among policy implementations relying on technologies that work at different network layers. The result of our analysis allows administrators to have a precise insight on the various alternative implementations, their relations and the possibility of resolving anomalies, thus increasing the overall security and performance of a network.

show abstract

Acesso remoto em firewalls e topologia para gateways VPN

Figueiredo

Geus

2001

Anais Do I Workshop Em Segurança De Sistemas Computacionais(WSeg 2001)

View full text Add to dashboard Cite

VPNs are being hailed as the solution for several situations involved in the Internet these days. Firewalls have seen a decade of evolution and sophistication to deal with specific problems. However, we are also seeing the proliferation of VPN configurations on otherwise secure networks based on firewalls. This paper discusses the security problems incurred by the adoption of VPN gateways in standard firewalls. It also suggests more secure topology solutions for the standard VPN uses, as well as for the remote access client. We also propose an implementation based on freely available software that satisfies the security issues brought about by this paper.

show abstract

Requirements for IPsec Remote Access Scenarios

Cited by 3 publications

References 0 publications

Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode

Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode

Inter-technology Conflict Analysis for Communication Protection Policies

Acesso remoto em firewalls e topologia para gateways VPN

Contact Info

Product

Resources

About