All sensitive materials are encrypted using a Master Configuration Key (MCK), derived from a
passphrase entered by an administrator. The secrets are then stored in the configuration file
in an encrypted format. This enables copying configurations, including secrets, from one device
to another. The only requirement is that the administrator must generate an identical MCK (by
using the same passphrase) in the target device before executing the copy operation.
Note:
All Gateways have the same default MCK. For security reasons, it is recommended to
configure a new MCK immediately upon Branch Gateway installation.
Related topics:
Configuring the Master Configuration Key on page 52
Configuring the Master Configuration Key
Procedure
1. Enter key config-key password-encryption followed by a phrase of 13 to
64 printable ASCII characters.
2. Copy the running configuration to the start-up configuration using the copy
running-config startup-config command.
Result
The new MCK is now in effect.
DoS attacks
The Branch Gateway provides various TCP/IP services and is therefore exposed to a myriad
of TCP/IP based DoS attacks.
“DoS (Denial of Service) attacks” refers to a wide range of malicious attacks that can cause a
denial of one or more services provided by a targeted host.
Related topics:
SYN attack on page 53
SYN cookies on page 53
Configuring SYN cookies on page 54
Commands used to maintain SYN cookies on page 54
SYN cookies configuration commands on page 55
Accessing the Branch Gateway
52 Administering Avaya G430 Branch Gateway October 2013
Comments? infodev@avaya.com
To Next Page
Loading...
