What you are referring to is when a single SA/key is shared across multiple
devices (or the entire network). Here, we are talking about a unique SA pair
between any two devices. I.e. each device pair on the network has its own IPsec
SA.
fred
On Nov 15, 2011, at 7:36 PM, Ulliott, Chris wrote:
> Classification:UNCLASSIFIED
>
> The problem with a single SA is that it usually means a single key (whatever
> form that takes) such that a compromise of a single spoke puts all traffic at
> risk... So whatever solution we go for - we need
Classification:UNCLASSIFIED
The problem with a single SA is that it usually means a single key (whatever
form that takes) such that a compromise of a single spoke puts all traffic at
risk... So whatever solution we go for - we need to keep one eye on the
security requirements...
Chris