A packet that has a sequence number that is before the sliding window is considered
either late or a duplicate packet. Late and duplicate packets are dropped.
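The drop rule above can be implemented with a bitmap window. The following is an added example, not code from the original text; the 64-packet window width, the 32-bit sequence numbers without wraparound, and all identifier names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define WINDOW_SIZE 64u  /* assumed window width; not stated in the text */

enum verdict { ACCEPT = 0, DROP_BEFORE_WINDOW = 1, DROP_DUPLICATE = 2 };

struct replay_window {
    uint32_t top;     /* highest sequence number accepted so far */
    uint64_t bitmap;  /* bit i set => sequence number (top - i) was seen */
};

/* Check seq against the window and record it if accepted. A real receiver
 * records the packet only after its integrity check passes, so a forged
 * packet cannot slide the window forward. */
enum verdict replay_check(struct replay_window *w, uint32_t seq)
{
    if (seq == 0)
        return DROP_BEFORE_WINDOW;     /* senders start counting at 1 */
    if (seq > w->top) {                /* ahead of the window: slide it */
        uint32_t shift = seq - w->top;
        w->bitmap = (shift >= WINDOW_SIZE) ? 0 : (w->bitmap << shift);
        w->bitmap |= 1u;               /* bit 0 marks the new top */
        w->top = seq;
        return ACCEPT;
    }
    uint32_t offset = w->top - seq;
    if (offset >= WINDOW_SIZE)
        return DROP_BEFORE_WINDOW;     /* late or duplicate: cannot tell */
    if (w->bitmap & ((uint64_t)1 << offset))
        return DROP_DUPLICATE;         /* inside the window, already seen */
    w->bitmap |= (uint64_t)1 << offset;
    return ACCEPT;                     /* inside the window, first arrival */
}

int main(void)
{
    /* Constructed arrival order: reordering, a replay, and a large jump. */
    const uint32_t arrivals[] = {1, 2, 4, 3, 4, 100, 36, 37, 100};
    static const char *names[] = {"accept", "drop (before window)", "drop (duplicate)"};
    struct replay_window w = {0, 0};
    for (unsigned i = 0; i < sizeof arrivals / sizeof arrivals[0]; i++)
        printf("seq %u: %s\n", (unsigned)arrivals[i], names[replay_check(&w, arrivals[i])]);
    return 0;
}
```
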
[Figure labels: Legacy Concentrator; Legacy PIX Firewall; ASA; Business Partner with a Cisco Router; Mobile Worker with a Cisco VPN Client on a Laptop Computer; Corporate Main Site; Perimeter Router; POP; Regional Office with a PIX Firewall; SOHO with a Cisco ISDN/DSL Router; IPsec]
Introducing VPN Solutions 309
Plain-text data that is transported over the public Internet can be intercepted and read. To
keep the data private, you should encrypt it. Digitally scrambling the data renders it
unreadable. Figure 8-10 shows how the data is encrypted as it passes across the
public Internet.
Figure 8-10 Data Encryption
For encryption to work, both the sender and the receiver must know the rules that are used
to transform the original message into its coded form. Rules are based on an algorithm
and a key. An algorithm is a mathematical function that combines a message, text, digits,
or all three with a string of digits called a key. The output is an unreadable cipher string.
Decryption is extremely difficult or impossible without the correct key.