RFC 4809:Requirements for an IPsec Certificate Man...
RFC-Ref

deployment


... PKI-enabled IPsec deployments with a common set of transactions. Requirements ...
... security without compromising ease of management and deployment, even where the deployment involves tens of thousands of IPsec ...
... management and deployment, even where the deployment involves tens of thousands of IPsec users and devices. ...
... X.509 Certificates) and IPsec standards to limit the complexity of deployment. Some requirements may require either a new protocol ...
... create interoperable products to enable large-scale IPsec System deployments, and do so as quickly as possible. For example, a VPN Operator should be able to use any ...
... IPsec Peers. The requirements strive to meet eighty percent of the market needs for large-scale deployments (i.e., VPNs including hundreds or thousands of managed VPN ...
... clients). Environments will understandably exist in which large-scale deployment tools are desired, but local security policy ...
... requirements. Use cases will be considered or rejected based upon this eighty percent rule. The needs of small deployments are a stated non-goal; however, service providers ...
... however, service providers employing the scoped solution and applying it to many smaller deployments in aggregate may address them. ...
... PKI-enabled IPsec deployments are addressed. ...


... PKI-supported IPsec VPN deployment. First, an explanation of the VPN System is presented. Second, key points about the PKI System ...
... It is important to note that, within this document, the Admin is neither a device nor a person; rather, it is a function. Every large-scale VPN deployment will contain the Admin function. The function can be performed on a stand-alone workstation, on a gateway, ...


... This option exists for deployments where Peers cannot generate their own key pairs. Some examples are for PDAs ...
... This option exists for deployments where end entities cannot generate their own key pairs ...
... mechanism for authorization that provides more immediate access deactivation should be layered into the VPN deployment. Such a second mechanism is out of the scope of this profile. (Examples are ...


... roles of Peer and Admin. This functional allocation is crucial both to achieving successful deployment, and to maintaining the integrity of the PKI enrollment ...


