SECURITY


   .-SECURITY--=--UNSECURE-----.   
>>-+---------------------------+-------------------------------><
   |              .-UNSECURE-. |   
   '-SECURITY--=--+----------+-'   
                  +-PUBLIC---+     
                  +-UNDERGRO-+     
                  +-SECURE---+     
                  +-GUARDED--+     
                  +-ENCRYPT--+     
                  '-SHIELDED-'

For LAN, ATM LAN emulation, or Enterprise Extender connections:		For ATM native connections:
statements:	PORT, GROUP (TGs to Enterprise Extender connection networks)	statements:	GROUP (TGs to connection networks) PU (TGs over PVCs)
dependency:	TGs to connection networks For GROUP; MEDIUM=HPRIP	dependency:	DIAL=YES (TGs to connection networks) DIAL=NO (TGs over PVCs)

Specifies the security level of the transmission group. The following options range from the least secure level to the most secure level.

SECURITY=UNSECURE: Specifies no security level.
SECURITY=PUBLIC: Specifies a public switched network.
SECURITY=UNDERGRO: Specifies an underground cable, not guarded.
SECURITY=SECURE: Specifies a secure conduit, not guarded.
SECURITY=GUARDED: Specifies a guarded conduit, physical only.
SECURITY=ENCRYPT: Specifies link encryption.
SECURITY=SHIELDED: Specifies a guarded conduit, physical and radiation shielded.

Recommendations:

When specified on the PORT statement, VNGROUP and VNNAME (or VNTYPE=GLOBAL) must also be specified on the PORT statement and the value applies to the TG to the connection network specified in VNNAME (or IP.IP if VNNAME is defaulted for VNTYPE=GLOBAL).
When specified on the GROUP statement, VNNAME or VNTYPE=GLOBAL must also be specified on the GROUP statement. If the GROUP is not defined as a connection network, the TG characteristics cannot be specified on the GROUP definition statement. They must be specified on the PU definition statement in the switched major node (or for dynamically created dial-in EE PUs on the DYNTYPE=EE model major node) for the PU being dialed to establish the connection.

Guideline: Although an Enterprise Extender connection network, including the virtual node name, type, and all TG characteristics, can be defined on the PORT definition statement, you should define your Enterprise Extender connection network on the corresponding GROUP definition statement instead. By coding all connection network and TG characteristics operands on the GROUP statement, the VNGROUP operand is no longer needed. Also, because there can be multiple connection networks defined in an Enterprise Extender XCA major node with multiple GROUP definition statements, defining all of the operands on the GROUP statement to which they apply provides more clarity.