Resolving information associated with a network device includes receiving a request for first information associated with the network device. The request includes second information associated with the device, such as identification information. Based on the second information, an entry that includes the first information in association with the second information is located in a security association database. For example, an entry that includes the information association is located in a Security Association Database (SAD) of an IPsec endpoint device. The first information is read from the entry and a response to the request is based on this first information. The association between the first and the second information that is stored in the relevant database may be based on an identification authentication mechanism. Thus, for example, a management station is able to obtain the dynamically assigned network address of an interesting IPsec endpoint device by providing identity information associated with the device.