Netgear FVL328 User Manual download pdf (Page 2)

FVL328 Cable/DSL ProSafe High-Speed VPN Firewall

Page 2

7. How many VPN tunnels can the FVL328 support at one time?

As a standard feature, the FVL328 has the ability to support up to 100 VPN tunnels at one time. This can be

a combination of branch office, mobile users or partner connections.

8. What is encryption?

A mathematical operation that transforms data from "clear text" to "cipher text," which cannot be

interpreted. Usually the mathematical operation requires that an alphanumeric key be supplied along with

the clear text. The key and clear text are processed by the encryption operation, which leads to data

scrambling that makes it secure. Decryption is the opposite of encryption; it is the mathematical operation

that transforms cipher text to clear text.

9. How is the data encrypted on the FVL328 VPN?

The data is hardware-encrypted through the embedded encryption accelerator in the microprocessor.

10. What is DES and 3DES?

DES, or Digital Encryption Standard, is encryption used for data communications where both the sender and

receiver must know the same secret key, which can be used to encrypt and decrypt the message, or to

generate and verify a message authentication code. NETGEAR DES encryption uses a 56-bit key. 3DES, or

“triple DES” on the other hand, is a variation on DES that uses a 168-bit key to provide more secure data

transmission than DES. TripleDES is considered to be virtually unbreakable by security experts. It also

requires a great deal more processing power, resulting in increased latency and decreased throughput unless

hardware acceleration is provided, as in the FVL328.

11. What is IPSec?

Internet Protocol Security is a robust VPN standard that covers authentication and encryption of data traffic

over the Internet. IPSec employs three components, encapsulating security payload (ESP), authentication

header (AH), and Internet key exchange (IKE) technology. VPN technology employing IPSec will encry pt

all outgoing data and decrypt all incoming data so that a public network can be used, like the internet, as

transportation media. IPSec can support two encryption modes: transport and tunnel. Transport mode

encrypts the data portion of each packet but leaves the header unencrypted. The more secure the tunnel

mode encrypts both the header and the data. The FVL328 supports both. At the receiving end, an IPSec-

compliant device decrypts each packet. For IPSec to work, the sending and receiving devices must share a

key. IKE protocol is a key management protocol standard which is commonly used in conjunction with the

IPSec standard. Unlike PPTP, IPSec is specific only to the Internet Protocol (IP) and does not provide

security for other protocols. PPTP supports multiple protocols, but is not as secure.

12. What is IKE?

Internet Key Exchange is a negotiation and key exchange protocol specified by the Internet Engineering

Task Force (IETF). An IKE security association (SA) automatically negotiates encryption and

authentication keys. With IKE, and initial exchange authenticates the VPN session and automatically

negotiates keys that will be used to pass IP traffic.

13. What is Authentication Header (AH)?

AH provides authentication and integrity, which protect against data tampering, using the same algorithms

as ESP. AH also provides optional anti-replay protection, which protects against unauthorized

retransmission of packets. The authentication header is inserted into the packet between the IP header and

any subsequent packet contents. The payload is not touched. Although AH protects the packet’s origin,

destination, and contents from being tampered with, the identity of the sender and receiver is known. In

1 2 3 4 5 6 7 8 9

Comments to this Manuals

No comments

Netgear FVL328 User Manual Page 2

Comments to this Manuals

Related products and manuals for Routers Netgear FVL328