When LDAP communications occur between a client and a server, several standard pieces of information are transmitted. These components are generally configured by the client application and can be changed by the end user. They are: the username, the password, and the destination server name and port. We leverage these components to pass encryption information to the server as follows. The destination server name and port are replaced with those of the virtual directory. This configures the client to communicate with the virtual directory instead of the original destination directory. Note that the original destination directory remains transparent to the client through virtualization, which is one of the core services of a virtual directory. The password remains the same as the original password used to authenticate in the original network configuration.² We replace the username component with a string that is the concatenation of the following: the client username, IDc; the hash of the original user password, H(pwdc); and a symmetric key shared between the client and the virtual directory, Kcv. The last two components are encrypted using a secret key known only to the virtual directory server, Kv.
CAR is the oldest policing tool offered in the Cisco IOS Software and is included in this chapter primarily for historical reasons. However, the Cisco 7300 platforms still use CAR in certain configurations. RFC-compliant policers are available in newer releases of the Cisco IOS Software, so CAR is not generally recommended for network assessment test deployments.