The New z/OS Communications Server Internet Key Exchange Version 2 - What Is It and How Does It Integrate With An Existing IKEv1 Deployment?
Project and Program:
Enterprise Data Center,
Security and Compliance
Tags:
Proceedings,
2011,
SHARE in Orlando 2011
The Internet Key Exchange (IKE) protocol is responsible for negotiating security associations between two hosts that have implemented IPSec. This negotiation includes selection of cryptographic algorithms, creation of session keys, and mutual authentication using X.509 digital certificates. The new version of Internet Key Exchange, IKEv2, introduces improvements to the current suite of IPSec functions. In z/OS V1R12, the Communications Server has added IKEv2 to its IP Security offering. This session will cover a tutorial on the IKEv2 protocol as implemented by the z/OS Communications Server, and how it compares to IKEv1. Since it is anticipated that IKEv2 deployment will occur gradually over a number of years, IKEv1 and IKEv2 coexistance is critical. This session will cover those considerations needed for a successful integration of IKEv1 and IKEv2 capable resources in an IPSec environment.
Presenter(s): Lin Overby, IBM Corporation
Back to Proceedings File Library