Subscribe
natrian_maxwell

CHAP vs IPsec question

‎2010-09-17 12:16 PM

On the Netapp site for practice test questions, There is one question that states:

Q: Which authentication protocol is used to establish an Iscsi session, and then to authenticate Iscsi intitiators at target login?

A: CHAP

I thought IPsec was responsible for this process. Can someone help me clarify the difference as both are authentication protocols?  correct?

Is CHAP the actual protocol used for the authentication process and IPsec is used to encrypt the data after the authentication process has taken place?

0 Kudos
AdvUniMD

Re: CHAP vs IPsec question

‎2010-09-22 05:07 AM

CHAP is used for authentication. IPSEC is used for encryption. Two different things.

I guess if you use IPsec then the authentication itself is already encrypted, but since we never had the need for IPsec (VLANs provide physical isolation and don't need any CPU resources) I can not tell you 100%.

-Michael

0 Kudos
kvinay
kvinay Former NetApp Employee

Re: CHAP vs IPsec question

‎2010-09-22 11:23 PM

CHAP is used for login authentication in ISCSI ,IPsec is a technology for data encryption ,both are security related but used for different purposes.

  • Challenge Handshake Authentication Protocol is a security protocol used to enable iSCSI initiators and targets to prove their identity to each other to ensure each connection is authorized between host and storage.
  • Internet Protocol Security is a suite of protocols for securing IP traffic by authenticating and encrypting each packet in the data stream.

Regards,

Vinay

0 Kudos