Monday, October 26, 2020

Basics of IPsec

IPsec

Internet Protocol Security

Internet Protocol Security (IPsec) is a security protocol that includes encryption and authentication technologies. It was developed to ensure the integrity, confidentiality and authentication of data communications over an IP network.

It can be used for Virtual Private Networks (VPNs), application-level security and routing security. It works by encrypting IP packets and authenticating the source the packets come from.

In general, IPsec offers higher security than old and vulnerable protocols like the Point-to-Point Protocol.

IPsec has two modes of operation: transport mode and tunnel mode. When operating in transport mode, the source and destination hosts must perform all cryptographic operations themselves. Encrypted data is sent through a single tunnel that is created with L2TP (Layer 2 Tunneling Protocol). The ciphertext is created by the source host and retrieved by the destination host. This mode of operation establishes end-to-end security.

When operating in tunnel mode, special gateways perform cryptographic processing in addition to the source and destination hosts. Here, several tunnels are created in series between gateways, establishing gateway-to-gateway security.

IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).

Advantages

  • IPsec security is implemented at the network layer, so it does not depend on the applications used.
  • It offers confidentiality. Throughout any data exchange, IPsec uses public keys that help transfer confidential data safely over the network.
  • It has no impact on the higher network layers and is transparent to applications.

IPsec Tunnel

An Internet Protocol Security (IPsec) tunnel is a set of standards and protocols originally developed by the Internet Engineering Task Force (IETF) to support secure communication as packets of information are transported from an IP address across network borders and vice versa.

An IPsec tunnel allows for the implementation of a virtual private network (VPN), which an organization may use to securely extend its reach elsewhere in its own network to customers and stakeholders.

In tunnel mode, IPsec encrypts the entire packet, including the IP header, and creates a new IP header.
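The difference between the two modes is easiest to see in the packet layout. The following is an added example, not part of the original post: it wraps a constructed packet in ESP (the IPsec encapsulation that provides encryption) in both modes and reports which fields an on-path observer can still read. The addresses, SPI values and function names are made up for illustration, the ciphertext and the 16-byte ICV are random placeholder bytes rather than real cryptography, and the IP checksum is left at zero.

```python
import os, socket, struct

ESP = 50  # IP protocol number for ESP (RFC 4303)

def ipv4(src, dst, proto, payload):
    """20-byte IPv4 header (checksum left at 0 for brevity) followed by payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def parse(pkt):
    """Return (src, dst, protocol, payload) from an IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4
    return socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20]), pkt[9], pkt[ihl:]

def esp(spi, seq, data, next_header):
    """ESP layout: SPI | sequence | ciphertext(data + padding + trailer) | ICV."""
    pad = (-(len(data) + 2)) % 4             # align the protected part to 4 bytes
    protected = data + bytes(range(1, pad + 1)) + bytes([pad, next_header])
    ciphertext = os.urandom(len(protected))  # placeholder bytes, NOT real encryption
    icv = os.urandom(16)                     # placeholder integrity check value
    return struct.pack("!II", spi, seq) + ciphertext + icv

def esp_transport(pkt, spi, seq):
    """Transport mode: original IP header kept, only its payload is protected."""
    src, dst, proto, payload = parse(pkt)
    return ipv4(src, dst, ESP, esp(spi, seq, payload, proto))

def esp_tunnel(pkt, spi, seq, gw_src, gw_dst):
    """Tunnel mode: whole packet protected, new outer header between gateways."""
    return ipv4(gw_src, gw_dst, ESP, esp(spi, seq, pkt, 4))  # 4 = IPv4-in-IP

def observer_view(pkt):
    """Fields an on-path observer can still read in cleartext."""
    src, dst, proto, payload = parse(pkt)
    view = {"src": src, "dst": dst, "proto": proto}
    if proto == ESP:
        view["spi"], view["seq"] = struct.unpack("!II", payload[:8])
    return view

# Constructed sample: internal host 10.0.1.5 sends TCP (protocol 6) data to 10.0.2.9.
ORIGINAL = ipv4("10.0.1.5", "10.0.2.9", 6, b"GET /payroll")
TRANSPORT = esp_transport(ORIGINAL, spi=0x1001, seq=1)
TUNNEL = esp_tunnel(ORIGINAL, spi=0x2001, seq=1, gw_src="198.51.100.1", gw_dst="203.0.113.1")

if __name__ == "__main__":
    for name, pkt in (("original", ORIGINAL), ("transport", TRANSPORT), ("tunnel", TUNNEL)):
        print(f"{name:9} {len(pkt):3} bytes  {observer_view(pkt)}")
```

In transport mode the internal host addresses stay visible in the IP header; in tunnel mode only the gateway addresses, the SPI and the sequence number are readable, at the cost of 20 extra bytes for the new outer header.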

What can IPsec do for me?

  • Authentication
  • Integrity
  • Access control
  • Confidentiality

-DR

