What is IPSec?

IPSec is short for Internet Protocol Security, a framework of protocols that ensures secure, private communication over public networks such as the Internet.
With the increase in Internet usage, the threat of information leaking into the wrong hands has also increased, due to the lack of secure ways of communicating over public networks. Any secure communication network should provide the following functionality:

Data Integrity – Indicates whether the data has been corrupted or changed by a third party who is not authorized to do so.
Confidentiality of data – Should not allow unauthorized entities to examine the data being carried over the network.
Authentication – Should ensure that the identities of the communicating entities are indeed what they claim to be.

IPSec is a framework of protocols operating at the Network Layer of the OSI protocol stack that provides the functionality needed by a secure communication channel.
This framework consists of the following protocols:
1. Authentication Header (AH) protocol – AH provides integrity protection for packet headers and data, but it cannot provide confidentiality of data.
2. Encapsulating Security Payload (ESP) protocol – ESP provides integrity protection of packets and also confidentiality of data, by encrypting the data to be protected.
3. Internet Key Exchange (IKE) protocol – IKE enables the secure exchange of the keys used to establish secure communication, manages the exchanged keys, and authenticates the entities.
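
The difference between AH and ESP described above shows up directly in the packet bytes. The following is an added example, not part of the original article: it parses the AH (RFC 4302) and ESP (RFC 4303) header layouts and reports what an on-path observer without keys can read. The function names and the sample packets are constructed for illustration.

```python
import struct

IPPROTO_ESP, IPPROTO_AH = 50, 51  # IANA-assigned IP protocol numbers

def parse_ah(data: bytes) -> dict:
    """Parse an Authentication Header (RFC 4302 layout) and what follows it."""
    if len(data) < 12:
        raise ValueError("truncated AH header")
    next_hdr, payload_len, _rsvd, spi, seq = struct.unpack("!BBHII", data[:12])
    ah_len = (payload_len + 2) * 4  # Payload Len = AH size in 32-bit words, minus 2
    if ah_len < 12 or ah_len > len(data):
        raise ValueError("AH Payload Len inconsistent with packet size")
    return {"protocol": "AH", "spi": spi, "seq": seq,
            "next_header": next_hdr,            # inner protocol is visible
            "icv": data[12:ah_len],             # integrity check value
            "readable_payload": data[ah_len:]}  # AH does not encrypt the payload

def parse_esp(data: bytes) -> dict:
    """Parse the cleartext part of an ESP packet (RFC 4303 layout)."""
    if len(data) < 8:
        raise ValueError("truncated ESP header")
    spi, seq = struct.unpack("!II", data[:8])
    # With an encrypting transform, everything after SPI and sequence number
    # (payload, padding, Next Header, ICV) is opaque without the keys.
    return {"protocol": "ESP", "spi": spi, "seq": seq, "next_header": None,
            "opaque_len": len(data) - 8, "readable_payload": None}

def observer_view(ip_proto: int, data: bytes) -> dict:
    """Return what an on-path observer without keys can read from the packet."""
    if ip_proto == IPPROTO_AH:
        return parse_ah(data)
    if ip_proto == IPPROTO_ESP:
        return parse_esp(data)
    raise ValueError(f"not an IPSec protocol number: {ip_proto}")

# Constructed samples (not captured traffic): the bytes that follow the IP header.
# AH: Next Header 17 (UDP), 12-byte placeholder ICV, cleartext payload.
SAMPLE_AH = struct.pack("!BBHII", 17, 4, 0, 0x1001, 1) + bytes(12) + b"user=alice"
# ESP: SPI, sequence number, then 32 stand-in bytes representing ciphertext + ICV.
SAMPLE_ESP = struct.pack("!II", 0x2002, 1) + bytes(range(0x80, 0xA0))

if __name__ == "__main__":
    for proto, pkt in ((IPPROTO_AH, SAMPLE_AH), (IPPROTO_ESP, SAMPLE_ESP)):
        print(observer_view(proto, pkt))
```

For a traffic monitor, this means AH-protected flows can still be inspected for content, while ESP flows expose only the SPI, the sequence number and the packet size.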