Filter
Top Products
Chapter 21 CNM System Setting
Vantage CNM User’s Guide
318
21.7 Certificate Management Overview
Some devices can provide certificates (also called digital IDs) for users to authenticate the
device. Certificates are based on public-private key pairs. A certificate contains the certificate
owner's identity and public key. Certificates provide a way to exchange public keys for use in
authentication.
A Certification Authority (CA) issues certificates and guarantees the identity of each
certificate owner. There are commercial certification authorities like CyberTrust or VeriSign
and government certification authorities. You can use the device to generate certification
requests that contain identifying information and public keys and then send the certification
requests to a certification authority.
In public-key encryption and decryption, each host has two keys. One key is public and can be
made openly available; the other key is private and must be kept secure. Public-key encryption
in general works as follows.
1 Tim wants to send a private message to Jenny. Tim generates a public key pair. What is
encrypted with one key can only be decrypted using the other.
2 Tim keeps the private key and makes the public key openly available.
3 Tim uses his private key to encrypt the message and sends it to Jenny.
4 Jenny receives the message and uses Tim's public key to decrypt it.
5 Additionally, Jenny uses her own private key to encrypt a message and Tim uses Jenny's
public key to decrypt the message.
The device uses certificates based on public-key cryptology to authenticate users attempting to
establish a connection, not to encrypt the data that you send after establishing a connection.
The method used to secure the data that you send through an established connection depends
on the type of connection. For example, a VPN tunnel might use the triple DES encryption
algorithm.
The certification authority uses its private key to sign certificates. Anyone can then use the
certification authority's public key to verify the certificates.
Add Devices to VRPT Server Click the icon and the associated devices screen appears where
you can select associated device(s) to this VRPT server. Click Add to
return to the previous screen and the selected device(s) display in the
Associated Devices field. When you click Apply, Vantage CNM
automatically configures these devices to send log messages to this
Vantage Report. It does not change any settings for log categories or
traffic statistics, so you might have to change these manually. See
VRPT User’s Guide for more information.
To unassociate a device to the VRPT server, click the icon and
unselect the associated device from the list. Then click Add. When you
click Apply, Vantage CNM automatically resets the syslog settings to
their default values for devices that previously used the specified
Vantage Report server. It does not change any settings for log
categories or traffic statistics.
Apply Click Apply to save these changes.
Cancel Click Cancel to return to the previous screen without saving changes.
Table 155 CNM System Setting > Configuration > VRPT Management > Add/Edit (continued)
LABEL DESCRIPTION