IPsec Encryption in Conduit
Oracle SD-WAN Edge 4.4 introduces the ability to secure Conduit user data with IPsec encapsulated by the Oracle Reliable Protocol (TRP). This is executed using a 140-2 Level 1 FIPS-certified IPsec cryptographic library using Suite B algorithms and 256-bit ECP.
Figure 3: IPsec Encryption in a Conduit To implement IPsec Encryption on a Conduit:
- Log into your Appliance's web console.
- Click on Manage Network, and then Configuration.
- Open Connections → Default Sets → Conduit Default Sets → [Site Name], and then IPsec Settings.
- Click the edit icon
(
) and click the checkbox next to Secure Conduit User Data with IPsec to enable IPsec on the conduit.
- Choose ESP, ESP+Auth, or AH from the Tunnel Mode drop-down menu.
- If the Tunnel Mode is ESP or ESP+Auth, choose AES 128-bit or AES 256-bit from the Encryption Mode drop-down menu.
- If the Tunnel Mode is AH, choose SHA1 or SHA-256 from the Hash Algorithm drop-down menu.
- Click Apply.
Figure 4: Configure IPsec on a Conduit