16-1
16
Key Management System
Overview
The switches covered in this guide provide support for advanced routing
capabilities. Security turns out to be extremely important as complex net-
works and the internet grow and become a part of our daily life and business.
This fact forces protocol developers to improve security mechanisms
employed by their protocols, which in turn becomes an extra burden for
system administrators who have to set up and maintain them. One possible
solution to the problem is to centralize the mechanisms used to configure and
maintain security information for all routing protocols. The Key Management
System (KMS) can carry this burden.
KMS is designed to configure and maintain key chains. A key chain is a set of
keys with a timing mechanism for activating and deactivating individual keys.
KMS provides specific instances of routing protocols with one or more Send
or Accept keys that must be active at the time of a request. A protocol instance
is usually an interface on which the protocol is running.
Terminology
■ Key Chain: A key or set of keys assigned for use by KMS-enabled
protocols. A key chain may optionally contain the time to activate and
deactivate a particular key.
■ Time-Independent Key: A key that has no activate or deactivate
time associated with it. This type of key does not expire, which
eliminates the need for a key chain.
Feature Default Menu CLI Web
Generating a Key Chain n/a n/a page 16-2 n/a
Generating a Time-Independent key n/a n/a page 16-3 n/a
Generating a Time-Dependent key n/a n/a page 16-5 n/a
To Next Page
Loading...
Need help?
General