During installation, you selected a default behavior for your system to use for all communications. You also entered a pre-shared key that matches the pre-shared key on other systems in the network so the system can communicate securely with other systems possessing the same pre-shared key.
In order to operate with security settings, your system needs to know how to communicate with other IPSec-enabled systems. In the absence of a rule that matches a specific communication need, Intel Packet Protect uses default behaviors to determine how IPSec systems use security.
If a matching rule exists on the two systems that are attempting to communicate, the default behavior will not be used.
The table below describes the default behaviors available with Intel Packet Protect.
Notes:
You can set up specific security policies with rules that apply to specific types of communications using advanced security settings.
You cannot make any changes to Intel Packet Protect on a system unless you are logged on as administrator. Individual users cannot modify Intel Packet Protect settings.
|
Default Behavior |
Description |
|---|---|
|
Secure Responder (Example: workstations) |
Systems with this behavior initiate communication without security (in the clear), but will attempt to negotiate a secure communication if one is requested. For example, if a Secure Responder workstation attempts to access a file server and that file server requests a secure communication, the workstation will respond in a secure manner. If two workstations are configured with this setting and they attempt to communicate with each other, the communication is allowed without security (in the clear). Also, Secure Responders and systems that are not IPSec-enabled communicate without security. |
|
Secure Initiator (Example: servers) |
Systems with this behavior request security for all communications, but don't require it. For example, a Secure Initiator server always initiates communications by requesting security. If the negotiation for a secure communication is unsuccessful, the Secure Initiator server communicates without security (in the clear). |
|
Lockdown (Example: servers that require strict security) |
Systems with this behavior require security for all communication. Lockdown systems do not communicate without security, that is, they do not communicate in the clear. Only use Lockdown if a system will be accessed by a very limited number of systems, and those systems are all properly set up with Intel Packet Protect. If a backup to another system on the network is scheduled automatically, it will fail unless the other system is also security-enabled. |
Copyright © 2000, Intel Corporation. All rights reserved.
Intel Corporation assumes no responsibility for errors or omissions in this document. Nor does Intel make any commitment to update the information contained herein.
* Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owners' benefit, without intent to infringe.