
Re: IPSEC and Network Analysis

> How easy will it be to turn the encryption off when
> necessary for troubleshooting? 

Hopefully, very difficult, since the encryption is presumably in use
for a reason; turning it off would presumably open up security
vulnerabilities for whatever applications are in use..

> Will IPSEC render all 
> the management and monitoring tools like RMON probes 
> useless?

Not completely; RMON probes will still be useful for traffic
analysis.. :-)

> I'd guess that this is highly implementation specific but 
> was curious if anyone has thought about this. 

Probably the right way to approach this from a security perspective
will be to build RMON-like functionality into end systems.. when a
party authorized by the end system's administrator requests it, send a
copy of decrypted traffic to the monitoring station -- hopefully via
some sort of encrypted channel to the monitoring station so that the
traffic is never sent on the wire in the clear..

					- Bill
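
What a passive probe can still measure once payloads are encrypted, as an added example that is not part of the original message: it reads only the cleartext outer IPv4 header and the ESP header, then reports per-flow packet counts, byte counts and sequence gaps. It assumes the ESP layout of RFC 2406 and later (32-bit SPI followed by a 32-bit sequence number); the helper names, addresses and SPIs are constructed for illustration.

```python
import struct
from collections import defaultdict

ESP_PROTO = 50  # IP protocol number assigned to IPsec ESP

def build_packet(src, dst, spi, seq, ct_len, proto=ESP_PROTO):
    """Constructed sample packet: IPv4 header + SPI/seq + opaque filler bytes."""
    payload = struct.pack("!II", spi, seq) + b"\xaa" * ct_len
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      64, proto, 0, bytes(src), bytes(dst))  # checksum left 0
    return hdr + payload

def parse_esp(packet):
    """Return (src, dst, spi, seq, esp_bytes), or None if not IPv4 ESP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != ESP_PROTO or len(packet) < ihl + 8:
        return None
    spi, seq = struct.unpack("!II", packet[ihl:ihl + 8])
    src = ".".join(map(str, packet[12:16]))
    dst = ".".join(map(str, packet[16:20]))
    total_len = struct.unpack("!H", packet[2:4])[0]
    return src, dst, spi, seq, total_len - ihl

def flow_stats(packets):
    """Per (src, dst, SPI): packets, ESP bytes, and sequence numbers never seen."""
    stats = defaultdict(lambda: {"packets": 0, "bytes": 0, "gaps": 0, "last": None})
    for pkt in packets:
        parsed = parse_esp(pkt)
        if parsed is None:
            continue  # not ESP: a real probe would handle it as ordinary traffic
        src, dst, spi, seq, nbytes = parsed
        s = stats[(src, dst, spi)]
        s["packets"] += 1
        s["bytes"] += nbytes
        if s["last"] is not None and seq > s["last"] + 1:
            s["gaps"] += seq - s["last"] - 1  # likely loss upstream of the probe
        s["last"] = seq if s["last"] is None else max(s["last"], seq)
    return dict(stats)

# Constructed sample capture: two ESP flows and one non-ESP (TCP) packet.
A, B = (10, 0, 0, 1), (10, 0, 0, 2)
SAMPLE = [
    build_packet(A, B, 0x1001, 1, 100),
    build_packet(A, B, 0x1001, 2, 60),
    build_packet(B, A, 0x2002, 1, 40),
    build_packet(A, B, 0x1001, 5, 200),   # sequence numbers 3 and 4 missing
    build_packet(A, B, 0x1001, 6, 80, proto=6),
]
```

Ports, upper-layer protocol and payload contents are inside the encrypted portion and do not appear in these statistics.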