To provide data integrity, an IPsec VPN uses authentication algorithms, which use a key to generate a unique message digest for a packet. The remote endpoint checks the digest using the same key and algorithm. If the data has been altered, the integrity check fails. To provide data privacy, the VPN endpoint encrypts packets with symmetric encryption algorithms. Such algorithms use a key to transform data into a new string. Only an endpoint using the same algorithm and key can extract the original data from the encrypted string. The Threat Management Services (TMS) zl Module supports these authentication algorithms for both AH and ESP:
The TMS zl Module supports these encryption algorithms for ESP Encapsulating Security Protocol :
|