JP2007235853A5 - - Google Patents
Download PDFInfo
- Publication number
- JP2007235853A5 JP2007235853A5 JP2006057976A JP2006057976A JP2007235853A5 JP 2007235853 A5 JP2007235853 A5 JP 2007235853A5 JP 2006057976 A JP2006057976 A JP 2006057976A JP 2006057976 A JP2006057976 A JP 2006057976A JP 2007235853 A5 JP2007235853 A5 JP 2007235853A5
- Authority
- JP
- Japan
- Prior art keywords
- address
- ipsec
- network device
- communication
- security level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 239000003999 initiator Substances 0.000 claims 3
- 235000008694 Humulus lupulus Nutrition 0.000 claims 2
- 238000000034 method Methods 0.000 claims 2
Claims (12)
判定した通信相手のIPアドレスの特性に応じて使用するIPsec設定を決定する手段と、
決定したIPsec設定に基づいてIPsec通信を行う手段とを備え、
自己がIPsec通信の接続を受け付けるレスポンダ側である場合には通信相手から接続があったときに前記各手段の処理を開始し、自己がIPsec通信の接続を開始するイニシエータ側である場合には通信相手にパケットを送信する前に前記各手段の処理を開始し、
IPアドレスの特性に応じて適切なIPsec通信のセキュリティレベルを適用することを特徴とするネットワーク機器。 Means for determining the characteristics of the IP address of the communication partner;
Means for determining an IPsec setting to be used according to the determined IP address characteristics of the communication partner;
Means for performing IPsec communication based on the determined IPsec setting,
When the self is the responder side that accepts the connection of IPsec communication, the processing of each means starts when there is a connection from the communication partner, and when the self is the initiator side that starts the connection of IPsec communication, the communication Before sending the packet to the other party, start the processing of each means,
A network device characterized by applying an appropriate IPsec communication security level according to the characteristics of an IP address.
IPsec通信にグローバルアドレスを使用する場合は、通信相手のIPアドレスの特性として、ルーティングテーブルのホップ数を用いることを特徴とするネットワーク機器。 The network device according to claim 1,
A network device characterized in that, when a global address is used for IPsec communication, the number of hops in a routing table is used as a characteristic of an IP address of a communication partner .
IPアドレスはIPv6アドレスであり、
使用するセキュリティレベルを、IPv6アドレスの種類がリンクローカルアドレス、サイトローカルアドレスもしくはステートレスアドレスのいずれであるかにより区別することを特徴とするネットワーク機器。 In the network apparatus as described in any one of Claim 1 or 2 ,
IP address is Ri IPv6 address der,
A network device characterized by distinguishing a security level to be used according to whether an IPv6 address type is a link local address, a site local address, or a stateless address .
IPアドレスはIPv4アドレスであり、
使用するセキュリティレベルを、IPv4アドレスの種類がリンクローカルアドレス、サイトローカルアドレスもしくはステートレスアドレスのいずれであるかにより区別することを特徴とするネットワーク機器。 In the network apparatus as described in any one of Claim 1 or 2 ,
The IP address is an IPv4 address,
Network device security level to be used, characterized by distinguished by whether they are IPv4 Address Type gully link local address, site local address or a stateless address.
セキュリティレベルを事前に設定された高・中・低などの簡易レベルで設定する手段を備えたことを特徴とするネットワーク機器。 The network device according to any one of claims 1 to 4 ,
A network device comprising means for setting a security level at a simple level such as high, medium and low, which is set in advance.
使用者が機器から直接にIPsecの設定・確認を行えるオペレーションパネルを備えたことを特徴とするネットワーク機器。 The network device according to any one of claims 1 to 5 ,
A network device comprising an operation panel that allows a user to set and confirm IPsec directly from the device.
使用者が、外部機器からIPsecの設定・確認を行えるtelnetサーバを備えたことを特徴とするネットワーク機器。 The network device according to any one of claims 1 to 6 ,
A network device comprising a telnet server that allows a user to set and check IPsec from an external device.
使用者が、外部機器からIPsecの設定・確認を行えるWebサーバを備えたことを特徴とするネットワーク機器。 The network device according to any one of claims 1 to 7 ,
A network device comprising a Web server that allows a user to set and check IPsec from an external device.
判定した通信相手のIPアドレスの特性に応じて使用するIPsec設定を決定する工程と、
決定したIPsec設定に基づいてIPsec通信を行う工程とを備え、
自己がIPsec通信の接続を受け付けるレスポンダ側である場合には通信相手から接続があったときに前記各工程の処理を開始し、自己がIPsec通信の接続を開始するイニシエータ側である場合には通信相手にパケットを送信する前に前記各工程の処理を開始し、
IPアドレスの特性に応じて適切なIPsec通信のセキュリティレベルを適用することを特徴とするネットワーク機器のセキュリティレベル適用方法。 Determining the characteristics of the IP address of the communication partner;
Determining an IPsec setting to be used according to the determined IP address characteristics of the communication partner;
A step of performing IPsec communication based on the determined IPsec setting,
When the self is the responder side that accepts the connection of IPsec communication, the process of each step starts when there is a connection from the communication partner, and when the self is the initiator side that starts the connection of IPsec communication, the communication Before sending the packet to the other party, start the process of each step,
A security level application method for a network device, characterized in that an appropriate IPsec communication security level is applied according to the characteristics of an IP address.
IPsec通信にグローバルアドレスを使用する場合は、通信相手のIPアドレスの特性として、ルーティングテーブルのホップ数を用いることを特徴とするネットワーク機器のセキュリティレベル適用方法。When using a global address for IPsec communication, a security level application method for a network device, wherein the number of hops of a routing table is used as a characteristic of an IP address of a communication partner.
IPアドレスはIPv6アドレスであり、The IP address is an IPv6 address,
使用するセキュリティレベルを、IPv6アドレスの種類がリンクローカルアドレス、サイトローカルアドレスもしくはステートレスアドレスのいずれであるかにより区別することを特徴とするネットワーク機器のセキュリティレベル適用方法。A method for applying a security level of a network device, wherein the security level to be used is distinguished according to whether the type of IPv6 address is a link local address, a site local address or a stateless address.
通信相手のIPアドレスの特性を判定する手段、
判定した通信相手のIPアドレスの特性に応じて使用するIPsec設定を決定する手段、
決定したIPsec設定に基づいてIPsec通信を行う手段として機能させ、
自己がIPsec通信の接続を受け付けるレスポンダ側である場合には通信相手から接続があったときに前記各手段の処理を開始し、自己がIPsec通信の接続を開始するイニシエータ側である場合には通信相手にパケットを送信する前に前記各手段の処理を開始し、
IPアドレスの特性に応じて適切なIPsec通信のセキュリティレベルを適用することを特徴とするネットワーク機器の制御プログラム。
Computers that make up network equipment
Means for determining the IP address characteristics of the communication partner;
Means for determining an IPsec setting to be used according to the determined IP address characteristics of the communication partner;
Based on the determined IPsec setting, function as a means for performing IPsec communication,
When the self is the responder side that accepts the connection of IPsec communication, the processing of each means starts when there is a connection from the communication partner, and when the self is the initiator side that starts the connection of IPsec communication, the communication Before sending the packet to the other party, start the processing of each means,
A network device control program characterized by applying an appropriate IPsec communication security level according to the characteristics of an IP address.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006057976A JP4704247B2 (en) | 2006-03-03 | 2006-03-03 | Network equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006057976A JP4704247B2 (en) | 2006-03-03 | 2006-03-03 | Network equipment |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2007235853A JP2007235853A (en) | 2007-09-13 |
JP2007235853A5 true JP2007235853A5 (en) | 2009-04-09 |
JP4704247B2 JP4704247B2 (en) | 2011-06-15 |
Family
ID=38555936
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2006057976A Expired - Fee Related JP4704247B2 (en) | 2006-03-03 | 2006-03-03 | Network equipment |
Country Status (1)
Country | Link |
---|---|
JP (1) | JP4704247B2 (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4964683B2 (en) | 2007-06-18 | 2012-07-04 | 株式会社リコー | Communication apparatus and program |
JP4900828B2 (en) * | 2007-12-03 | 2012-03-21 | 株式会社リコー | COMMUNICATION DEVICE, COMMUNICATION METHOD, PROGRAM, AND RECORDING MEDIUM |
CN102255874B (en) * | 2010-05-19 | 2014-03-12 | 杭州华三通信技术有限公司 | Secure access method and gathering device |
JP5704267B2 (en) * | 2014-02-26 | 2015-04-22 | セイコーエプソン株式会社 | Communication device |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4112284B2 (en) * | 2002-05-29 | 2008-07-02 | 富士通株式会社 | Database access control method and database access control program |
JP4517578B2 (en) * | 2003-03-11 | 2010-08-04 | 株式会社日立製作所 | Peer-to-peer communication apparatus and communication method |
JP2006109271A (en) * | 2004-10-07 | 2006-04-20 | Canon Inc | Image communication device, communication method, program, and recording medium |
JP4029898B2 (en) * | 2005-11-25 | 2008-01-09 | 松下電工株式会社 | Network equipment |
-
2006
- 2006-03-03 JP JP2006057976A patent/JP4704247B2/en not_active Expired - Fee Related
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104158808B (en) | Portal authentication method and its device based on APP applications | |
WO2007100641A3 (en) | Communication using private ip addresses of local networks | |
HK1106637A1 (en) | Server for routing connection to client device | |
WO2007041662A3 (en) | Secured media communication across enterprise gateway | |
CN102739684B (en) | Portal authentication method based on virtual IP address, and server thereof | |
WO2014209901A3 (en) | Efficient communication for devices of a home network | |
JP2017502605A5 (en) | ||
ATE449501T1 (en) | METHOD FOR CROSSING A NAT FIREWALL DEVICE | |
JP2007235853A5 (en) | ||
CN104601566A (en) | Authentication method and device | |
JP2020500374A5 (en) | ||
WO2009007570A3 (en) | Methods and devices for communicating diagnosis data in a real time communication network | |
CN103026685B (en) | Nications control device and communications system | |
DE60304055T8 (en) | Method and apparatus for initializing the compression of packet headers of the Internet Protocol | |
GB2464367B (en) | Loopback device and mirroring method | |
JP2006050006A5 (en) | ||
CN101945053B (en) | Method and device for transmitting message | |
Kumar et al. | Performance analysis of ipv4 to ipv6 transition methods | |
TW201810108A (en) | Data processing method, device and system | |
JP2008099210A5 (en) | ||
WO2007050610A3 (en) | Methods and apparatus for use in a packet data network | |
Baker | Testing Eyeball Happiness | |
Najjar et al. | IPv6 change threats behavior | |
CN105791290A (en) | Authentication method and device for network connection | |
JP4662150B2 (en) | Firewall device |