| |
IPSec features supported:
- AH/ESP tunnel and transport mode
- Main, Quick and Aggressive modes
- Expiration of Security Associations (SAs) using time and/or kilobytes
- NAT Traversal
- Path MTU discovery
Platforms supported:
- Windows based product suite components
- Windows 95/98/ME
- Windows NT 4.0 (Service Pack 3 and above)
- Windows 2000
Network support:
Smart card support:
- TeleSec PKS Netkey
- TeleSec NKS Netkey
Encryption algorithms supported:
- DES (56 bit), 3DES (168 bit)
- IDEA (128 bit)
- Blowfish (40 - 446 bit)
- AES /Rijndael (128, 192 or 256 bit)
Authentication and Key Exchange support:
- IKE (formerly known as ISAKMP/Oakley)
- Diffie-Hellman (768, 1024 bit)
- RSA (1024, 2048 bit)
- Signatures: RSA, DSS, X.509
- Pre-shared secrets
- Perfect forward secrecy (PFS) support for Diffie-Hellman in Quick Mode
- Private keys can be PIN protected
Hash functions supported:
Standards supported:
- IETF IPSec
- ISO X.509 v3
- PKCS #1, #10, #12
- SCEP / CMP
Certification Authorities supported:
- VeriSign
- RSA Data Security Certificate Server (Keon)
- Baltimore
- Entrust
Certificate Management:
- Automatic retrieval and processing of certificates and Certificate Revocation Lists (CRLs)
- X.509v3 certificates supported
- Automatic certificate enrolment using SCEP / CMP
Management:
- Flexible to support organisation’s security policy
- GUI-based configuration
- Use of wizards for installation and configuration
- Live configuration
- Granular control based on IP address, subnet address, address range, port and protocol
- Event log viewer
- Security Association (SA) monitor (both phase I and II)
- Quick policy selection
- Password protection for policy
- Management software included for
- Remote management
- Local management
- Centrally manageable using Central Manager
|
NSS Home 
