[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC and Network Analysis
> How easy will it be to turn the encryption off when
> necessary for troubleshooting?
Hopefully, very difficult, since the encryption is presumably in use
for a reason; turning it off would presumably open up security
vulnerabilities for whatever applications are in use..
> Will IPSEC render all
> the management and monitoring tools like RMON probes
Not completely; RMON probes will still be useful for traffic
> I'd guess that this is highly implementation specific but
> was curious if anyone has thought about this.
Probably the right way to approach this from a security perspective
will be to build RMON-like functionality into end systems.. when a
party authorized by the end system's administrator requests it, send a
copy of decrypted traffic to the monitoring station -- hopefully via
some sort of encrypted channel to the monitoring station so that the
traffic is never sent on the wire in the clear..