摘要 |
An IPsec-capable node 2 , such as a security gateway 2 , is provided for a virtual private network 1 . The security gateway 2 contains a CPU 4 having a volatile memory 5 in which is stored, among other things, a security association database for controlling secure communications between the network and external users. A controller 6 periodically stores the security association database in a disk memory 7 or other nonvolatile memory. When a restoration of power to the security gateway is detected following a power failure, the controller 6 retrieves the latest security association database from the memory 7 and injects it into the volatile memory 5 whose contents were lost during the power failure. The security gateway 2 may then restore secure communication with external users. |