Issue 1, June 2003
Introduction 11
Avaya SG203/SG208 Security Gateway Hardware Installation Guide
negotiation is completed data can then be encapsulated in IPSec
tunneling packets that can only be decrypted by the peer on the other end
of the IPSec tunnel.
Additional features
VPNmanager
Avaya VPNmanager is an optional Avaya application that lets network
managers define, configure and manage VPNs from any location. Large
networks would want to use VPNmanager to do distributed managed
firewall rules as well as VPN management across the network.
Security
The SG203 and SG208 security gateway employes cryptographic
algorithms and keys powerful enough for the most sensitive business
communications to provide data stream privacy. It supports DES and
Triple DES, and AES encryption, as well as the ISAKMP key
management standard.
Table 1
Additional features
Parameter
Specification
Encryption
DES, Triple DES, and AES hardware encryption. DES
uses a 56-bit key. Triple DES uses three 56-bit
independent keys for an effective key length of 168 bits.
AES is a symmetric 127 bit block data encryption
technique. AES can be used in place of DES.
All weak and semi-weak keys are automatically
discarded.
Authentication
Keyed MD5™ Message Digest (RFC 1321)
HMAC-MD5 and HMAC SHA-1 (RFC 2104)
Key
Management
ISAKMP (Internet Security Association Key Management
Protocol).
Supports network address translation for firewall support.
User
Authentication
CHAP, PAP