7
C
ONFIGURING
IP S
ECURITY
Overview
The EtherLink PCI NIC accelerates IP security (IPSec) data
encryption from supported operating systems that provide
this offload capability. This feature is currently available in
the Microsoft Windows 2000 operating system.
IPSec consists of two parts:
■
encryption/decryption
■
authentication
To send or receive encrypted data in a PC running
Windows 2000 with an EtherLink PCI NIC installed,
you must first create a
security policy
, and then enable
encryption on the NIC. The security policy establishes
and defines how encrypted network traffic between
your PC and a specified server occurs.
Authentication enables the receiver to verify the sender of
a packet by adding key fields to a packet without altering
the packet data content.
The following table shows the available levels of encryption:
Data encryption is available for Windows 95 and
Windows 98 through
Dynamic
Access LAN Encryption
software provided on the EtherCD. See Data Encryption
on page 14 for more information.
Encryption
Type
Encryption
Level
Description
AH
medium
Authentication only
ESP
high
Authentication and encryption