Intel® Packet Protect supports Entrust* certificates.
A certificate is a digital file that contains keys which help verify the identification of the certificate owner. Each certificate contains the owner's name and additional information.
Intel Packet Protect requires customized certificates so it can work with IPSec in Certificate Authority mode. In addition to the traditional information contained within a certificate, certificates used with Intel Packet Protect must contain the IP address or the fully-qualified domain name (or RFC822 e-mail name) of the system to which the certificate is assigned. When you use certificates with Intel Packet Protect, the certificate is assigned to the system, not the user.
A certificate authority (often referred to as a "CA") is a trusted issuer of digital certificates. Certificate authorities "sign" certificates for clients. This mark of approval indicates that the named certificate authority has approved the certificate.
Certificate authorities can also have certificates issued to them by another certificate authority. This creates a hierarchical chain of trusted certificates. For example, your certificate may be signed by your company's West Coast Certificate Authority, whose certificate is signed by your Corporate Certificate Authority.
The "highest" certificate authority in the chain is called the root certificate authority. In the example, the Corporate Certificate Authority is the root.
There are several processes to accomplish in order to enable Entrust certificates support for Intel Packet Protect systems.
Install Intel Packet Protect on every system in the LAN that you want to use Entrust certificates.
Set up and configure Entrust/Entelligence* on individual systems using certificates.
Install Intel Packet Protect certificate support on individual systems.
Once you have set up and configured the systems in your LAN that will use certificates, the certificates can be used in rules that require certificates.
Refer to Using Entrust Certificates with Intel Packet Protect for more information about using certificates.
Once you have installed Entrust/Entelligence on your system, you can find detailed information about Entrust/Entelligence in the Entrust/Entelligence online help. General information about Entrust/Entelligence can be found at the Entrust Web site.
Copyright © 2000, Intel Corporation. All rights reserved.
Intel Corporation assumes no responsibility for errors or omissions in this document. Nor does Intel make any commitment to update the information contained herein.
* Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owners' benefit, without intent to infringe.