Virtual private networks (VPNs) can be used to provide authenticity, privacy, and data integrity. There are two types of VPNs: site-to-site and client-to-site; both provide two methods of key exchange (IKE and FWZ) and several encryption algorithms. Establishing a site-to-site VPN can be broken down into three steps: configuring the firewall and/or management stations, configuring the VPN domain, and adding encryption rules to the security policy rule base. Establishing a client-to-site VPN is similar, except that users are configured with the proper authentication method, and then the rule base is updated with a Client Encrypt rule. Remote users must install the SecuRemote software and download the SecuRemote server topology before they can make use of a client-to-site VPN. Several methods exist for automatically updating site topology.