IPSec

IPsec is an IETF standard that provides data authentication, integrity, and confidentiality between two communication points across an IP network. It defines encrypted and authenticated packets and key exchange/management protocols. IPsec is commonly used in VPNs. It can encrypt application layer data, provide router security, and authenticate data origin. Components include ESP for encryption/authentication and AH for integrity/authentication without encryption.

Uploaded by

Aryan Panchal

5.3 IP security (IPsec)
• IP security (IPsec) is an Internet Engineering Task Force (IETF) standard suite of protocols that provides data authentication, integrity, and confidentiality between two communication points across an IP network.
• It also defines the encrypted, decrypted and authenticated packets, as well as the protocols needed for secure key exchange and key management.
• It is used in virtual private networks (VPNs).

Uses of IP Security –

• To encrypt application layer data.
• To provide security for routers sending routing data across the public internet.
• To provide authentication without encryption, for example to authenticate that the data originates from a known sender.
• To protect network data by setting up circuits using IPsec tunneling, in which all data sent between the two endpoints is encrypted, as with a Virtual Private Network (VPN) connection.

Components of IP Security –

• Encapsulating Security Payload (ESP) –

It provides data integrity, encryption, authentication and anti-replay protection. It also provides authentication for the payload.

• Authentication Header (AH) –

It also provides data integrity, authentication and anti-replay protection, but it does not provide encryption. Anti-replay protection protects against unauthorized transmission of packets. AH does not protect the confidentiality of the data.
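
The anti-replay service that both ESP and AH provide relies on the sequence number carried in each header. The following is an added example, not part of the original notes: it reads the SPI and sequence number from an ESP or AH header and applies a sliding-window replay check in the style of RFC 4303. The SPI value, window size and sample packets are constructed for illustration.

```python
import struct

PROTO_ESP, PROTO_AH = 50, 51   # IP protocol numbers for ESP and AH

def parse_ipsec_header(proto, data):
    """Return (SPI, sequence number) from the start of an ESP or AH header."""
    if proto == PROTO_ESP and len(data) >= 8:
        # ESP: SPI (4 bytes), sequence number (4 bytes), then the protected payload
        return struct.unpack("!II", data[:8])
    if proto == PROTO_AH and len(data) >= 12:
        # AH: next header, payload length, reserved, SPI, sequence number, then ICV
        _nh, _plen, _rsvd, spi, seq = struct.unpack("!BBHII", data[:12])
        return spi, seq
    raise ValueError("truncated or non-IPsec header")

class ReplayWindow:
    """Sliding-window anti-replay check for one security association."""
    def __init__(self, size=64):
        self.size = size
        self.top = 0       # highest sequence number accepted so far
        self.bitmap = 0    # bit i set means (top - i) was already seen

    def accept(self, seq):
        # A receiver runs this only after the integrity check has passed.
        if seq == 0:
            return False                       # sequence numbers start at 1
        if seq > self.top:                     # newer packet: slide the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False                       # older than the window: drop
        if self.bitmap & (1 << offset):
            return False                       # already seen: replayed packet
        self.bitmap |= 1 << offset             # late but new: mark as seen
        return True

def filter_replays(proto, packets, window_size=64):
    """Accept/reject decision per packet for one SA (integrity check assumed passed)."""
    window = ReplayWindow(window_size)
    return [window.accept(parse_ipsec_header(proto, p)[1]) for p in packets]

# Constructed sample traffic (hypothetical SPI 0x1000): sequence 1, 3, 2, 2, 100, 36
SAMPLE_ESP = [struct.pack("!II", 0x1000, s) + b"\x00" * 16 for s in (1, 3, 2, 2, 100, 36)]

if __name__ == "__main__":
    print(filter_replays(PROTO_ESP, SAMPLE_ESP))
```

The duplicate of sequence number 2 and the packet that has fallen behind the 64-packet window (36 after 100) are both rejected, while the out-of-order but unseen packet 2 is accepted.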

Firewall
• A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.
• Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic such as viruses and hackers.

❑ Types of firewalls
• Proxy firewall
• Stateful inspection firewall
• Packet Filtering Gateway
• Guards
• Personal Firewall

Intrusion Detection System (IDS)
• An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered.
• It is a software application that scans a network or a system for harmful activity or policy violations.
• Any malicious activity or violation is normally either reported to an administrator or collected centrally using a security information and event management (SIEM) system.
• A SIEM system integrates outputs from multiple sources and uses alarm filtering techniques to differentiate malicious activity from false alarms.
• Although intrusion detection systems monitor networks for potentially malicious activity, they are also prone to false alarms.
• Hence, organizations need to fine-tune their IDS products when they first install them.
• This means properly setting up the intrusion detection systems to recognize what normal traffic on the network looks like as compared to malicious activity.
