ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaja_5.4.0.1/rzajatfc.htm

56 lines
4.0 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Configure Traffic Flow Confidentiality (TFC)" />
<meta name="abstract" content="If your data policy is configured for Tunnel mode you can use Traffic Flow Confidentiality (TFC) to conceal the actual length of the data packets transferred over a VPN connection." />
<meta name="description" content="If your data policy is configured for Tunnel mode you can use Traffic Flow Confidentiality (TFC) to conceal the actual length of the data packets transferred over a VPN connection." />
<meta name="DC.Relation" scheme="URI" content="rzajacreatevpncon.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzajatfc" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Configure Traffic Flow Confidentiality (TFC)</title>
</head>
<body id="rzajatfc"><a name="rzajatfc"><!-- --></a>
<img src="./delta.gif" alt="Start of change" /><!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Configure Traffic Flow Confidentiality (TFC)</h1>
<div><p>If your data policy is configured for Tunnel mode you can use Traffic
Flow Confidentiality (TFC) to conceal the actual length of the data packets
transferred over a VPN connection. </p>
<p>TFC adds extra padding to the packets being sent and sends dummy packets
with different lengths at random intervals to conceal the actual length of
the packets. Use TFC for extra security against attackers who might guess
the type of data being sent from the length of the packet. When you enable
TFC you gain more security, but at the cost of system performance. Therefore,
you should test your systems performance before and after you enable TFC on
a VPN connection. TFC is not negotiated by IKE, and user should only enable
TFC when both systems support it.</p>
<p>To enable TFC on a VPN connection follow these steps:</p>
<ol><li>In <span class="keyword">iSeries™ Navigator</span>, expand your
server &gt; <span class="menucascade"><span class="uicontrol">Network</span> &gt; <span class="uicontrol">IP Policies</span> &gt; <span class="uicontrol">Virtual Private Networking</span> &gt; <span class="uicontrol">Secure Connections</span> &gt; <span class="uicontrol"> All Connections</span></span>.</li>
<li>Right-click the connection you want to enable TFC and select <span class="uicontrol">Properties</span>. </li>
<li>On the <span class="uicontrol">General</span> tab select <span class="uicontrol">Use Traffic
Flow Confidentiality (TFC) when in Tunnel Mode</span>.</li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajacreatevpncon.htm" title="After planning for your VPN, you can begin configuring it. This topic provides you with an overview of what you can do with VPN and how to do it.">Configure VPN</a></div>
</div>
</div>
<img src="./deltaend.gif" alt="End of change" /></body>
</html>