| Aggressive
Mode |
One
of the modes used by IKE in Phase-1 to establish an authenticated key exchange
(the other mode is Main Mode). |
| Big
Endian |
A byte
ordering where the most significant byte is stored at the lowest address
(first). This is the same as the "network byte order" used by
TCP/IP. |
| Hybrid
Authentication |
An IKE
authentication method supported by Checkpoint Firewall-1 4.1 and later.
Defined in draft-ietf-ipsec-isakmp-hybrid-auth-05.txt "A Hybrid Authentication
Mode for IKE". |
| IKE |
Internet
Key Exchange. The key exchange and authentication protocol used by IPsec.
Defined in RFC 2409. |
| IPsec |
Internet
Protocol Security. The IPsec protocol is used to create VPNs. It uses the
IKE protocol for key exchange and authentication. |
| ISAKMP |
Internet
Security Association and Key Management Protocol. ISAKMP provides the framework
for key exchange and authentication that is used by IKE. ISAKMP is defined
in RFC 2408. |
| Main
Mode |
One of
the modes used by IKE in Phase-1 (the first phase of the IKE packet exchange)
to establish an authenticated key exchange (the other mode is Aggressive
Mode). |
| NG |
Next
Generation, the current major version of Checkpoint Firewall-1. |
| RSA Authentication |
An
IKE authentication method using RSA public key encryption. |
| SA |
Security Association. |
| SHA1 |
Secure
Hash Algorithm 1. A message digest (hash) function defined in RFC 3174. |
| Vendor ID |
An
ISAKMP payload which contains a vendor-defined constant. |
| VPN |
Virtual
Private Network. |