1st , what is IKE?
IKE Internet Key Exchange, is one first building block for IPSEC vpns. It's allows vpn peers to authenticate and negotiate security-association for encrypting data.
IKEv2 is support by most modern ipsec vpn gateways. The following vendors has support for IKEv2;
- cisco
- juniper
- fortinet
- sonicwall
- checkpoint
- openstrong
- pfsense
- others
2nd , IKE advantages ?
IKEv2 has host of benefits over the older IKEv1.
- resistances to IKE protocol DoS attacks, where IKEv1 was more prone & exposed to these attacks
- support NAT-T directly
- more secured and quicker SAs setup
- support for SCTP
- support active ACKs and Replies between peers
- dual or uni direction authentication parameters
3rd , A few IKE vpn-clients?
- forticlient
- microsoft
- shrewnet ( has not been confirm )
- green bow
Ken Felix
Freelance Network/Security Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( ! ! )=
@
/ \
No comments:
Post a Comment