Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 11: VPN Theory and Usage > Solutions Fast Track

Solutions Fast Track

Understanding IPSec

image IPSec was engineered to provide several services: privacy and confidentiality of data, origin authentication, data integrity, access control, and protection against replay attacks.

image The IPSec protocol provides two modes of operation: transport mode and tunnel mode.

image IPSec has two methods for verifying the source of an IP packet as well as verifying the integrity of the payload contained within: authentication header (AH) and encapsulating security payload (ESP). While ESP can encrypt and authenticate the entire packet, AH only authenticates the packet.

image IPSec supports the use of both manual keys and autokey IKE.

image Internet Key Exchange, or IKE, generates and negotiates keys and SAs automatically based on either preshared secrets or digital certificates and takes place in two phases, 1 and 2.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint