In Place and Tunnel Mode Encapsulation

[dean7711]

There are questions on the exam relating to In Place and Tunnel Mode Encapsulation. I have looked around documents in the R60 documentation and Syngress but cannot find any resource on them. Can anyone explain the theory or know where to obtain?

Thanks

[chillyjim]

Tunnel-mode is what most folks use, where the entire packet is encapsulated and encrypted. In-place is where just the data payload is encrypted.

Tunnel mode is requied to route RFC1918 addresses between sites.

[dean7711]

Thanks for that. Is there anything further else to this because im sure about 2-3 questions came up on my ccsa....

[firewalz]

I have always seen this referred to as "Tunnel Mode" and Transport Mode", is "In Place" a Checkpoint term?

[Yasushi Kono]

In former times Checkpoint introduced the encryption scheme FWZ1. This one did inplace encryption. No encryptiion of the IP header.

Nowadays, the term in place encryption is not useful anymore!

Kind regards,
Yasushi

[MarioL]

The questions that may come in the exam, assuming they are still using the old 4.0 and 4.1 ones, will be something like this:

What is the advantage of in-place encryption. The answer is that it doesn't increase packet size, since you don't add a new header/footer.

They also used to ask what methods and/or algorithms support in-place encryption. Going back a long way here... if I remember correctly FWZ is the method and FWZ-1 is the algorithm... might be wrong, but I'm sure someone will post here and correct or confirm it :)

They also had questions about key size, which was 48bit for FWZ1.

To be honest, if you get these kind of questions, they are being a bit evil, since this is old and pretty much irrelevant information nowadays.