ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzatj_5.4.0.1/vpncon.htm

58 lines
3.6 KiB
HTML

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Virtual private network</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="vpncon"></a>
<h3 id="vpncon">Virtual private network</h3>
<p>A virtual private network (VPN) allows your company to extend
its private intranet over a public network. It is based on creating virtual
secure tunnels between hosts or gateways connected to the public network.
To participate in a secure tunnel or VPN connection, the VPN tunnel end point
must implement a compatible suite of VPN protocols. VPN provides the following
security functions:</p>
<ul>
<li>Data origin authentication to verify that each datagram was originated
by the claimed sender.</li>
<li>Data integrity to verify that the contents of a datagram were not changed
either deliberately or due to random errors.</li>
<li>Data encryption to ensure message text confidentiality.</li>
<li>Replay protection to ensure that an attacker cannot intercept data and
play it back at some later date.</li>
<li>Key management to ensure that your VPN policy can be implemented throughout
the extended network with little or no manual configuration.</li></ul>
<p>The Universal Connection builds a VPN connection to IBM&reg;, in some scenarios, to ensure that the
information sent and received between your iSeries&trade; server and IBM is safe (for example, VPN encrypts and
authenticates data). The VPN technologies used by the Universal Connection
include L2TP, IKE, and IPSec. See the following topics for details, <a href="../rzaja/rzajal2tpprotocol.htm">Layer 2 Tunnel Protocol (L2TP)</a>, <a href="../rzaja/rzajaimplicitike.htm">Implicit IKE</a>, and <a href="../rzaja/rzajaipsec.htm">IP Security (IPSec) protocols</a>. For some of
the connectivity options, the Universal Connection uses L2TP alone for those portions of the
connection that do not require encryption. For example, if you are connecting
from one partition to another partition and then out across the Internet to IBM,
the Universal Connection strictly uses L2TP between the partitions and then uses L2TP protected
by IPSec for the second portion of the connection (that portion requiring
encryption).</p>
<p>For more information, see the <a href="../rzaja/rzajagetstart.htm">Virtual private networking</a> topic.</p>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>