CCIE R&S V5.1 Written Exam: Describe GET VPN
In this article I discuss the "Describe GET VPN" topic, which is part of Layer 3 Technologies and Fundamental Routing Concepts in the CCIE Routing and Switching (R&S) V5.1 exam blueprint.
Describe GET VPN:
4.2.b Describe GET VPN
Let me summarize some of the key takeaways for Describe GET VPN as relevant to the CCIE Routing and Switching (R&S) V5.1 written exam blueprint topics.
- A GET VPN deployment has three primary components: the Key Server (KS), the Group Member (GM), and the Group Domain of Interpretation (GDOI) protocol
- There are two types of keys that the GM receives from the KS:
  - Key Encryption Key (KEK), which secures the control plane
  - Traffic Encryption Key (TEK), which secures the data plane
- If a GET VPN GM is unable to register to a KS, it will send all traffic unencrypted (fail-open by default)
- GET VPN uses the Synchronous Anti-Replay (SAR) mechanism to provide anti-replay protection
- Cisco IOS GET VPN uses the IETF standard RFC 3547, Group Domain of Interpretation (GDOI), as the key management protocol
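The fail-open default noted above is the takeaway with the most direct security impact, so here is an added example (not from the original article) showing a GM crypto map in its default form and the fail-close entry that changes the behavior. The map name, group name, identity number, ACL number and addresses are constructed placeholders.

```ios
! Added example; all names, numbers and addresses are constructed placeholders
! (192.0.2.0/24 is an RFC 5737 documentation range).
!
! --- Default behavior: fail-open ---
! With only the GDOI crypto map entry below, traffic leaving the interface
! is sent unencrypted until the GM has registered with the KS.
crypto gdoi group GETVPN-GROUP
 identity number 1234
 server address ipv4 192.0.2.1
!
crypto map GETVPN-MAP 10 gdoi
 set group GETVPN-GROUP
!
! --- Hardened behavior: fail-close ---
! Adding a fail-close entry to the same crypto map makes the GM drop
! traffic until registration succeeds. In the fail-close ACL, "deny"
! entries are the exceptions that may still pass in clear text; everything
! else is dropped. Here only SSH replies from the router are exempted so
! the device stays manageable while unregistered.
access-list 102 deny tcp any eq 22 any
!
crypto map GETVPN-MAP gdoi fail-close
 match address 102
 activate
!
interface GigabitEthernet0/0
 crypto map GETVPN-MAP
```

After applying the change, `show crypto gdoi` on the GM confirms whether registration with the KS has completed.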
I sincerely hope that you found this article and video helpful. Please post your questions or suggestions in the comments and tell me how you are preparing for your CCIE Routing and Switching (R&S) V5.1 written and lab exams.