how can work IPSec VPN

IPSec VPN

                   IPSec (Internet Protocol Security) is a framework for a set of protocols for security at the network or packet processing layer of network communication. Earlier security approaches have inserted security at the application layer of the communications model. IPSec is said to be especially usefull for implementing virtual private networks and for remote user access through dial-up connection to private networks. A big advantage of IPSec is that security arrangements can be handled without requiring change to individual user computers. Cisco has been a leader in proposing IPSec as a standard (or combination of standards and technologies) and has included support for it in its network routes. IPSec provides two choices of security service: authentication Header (AH), Which essentially allows authentication of the sender of data, and Encapsulating Security Payload (ESP), which supports both authentication of the sender and encryption of data as well. The specific information associated with each of these services is inserted into the packet in a header that follows the IP packet header. IPSec is a successor of the ISO standard Network Layer Security Protocol (NLSP). NLSP was based on the SP3 protocol that was published by NIST, but designed by the Secure Data Network System project of the National Security Agency (NSA).

            The IPSec suite is a framework of open standards. IPSec uses the following protocols perform various functions: A security association (SA) set up by Internet Key Exchange (IKE and IKEv2) or Kerberized Internet Negotiation of Keys (KINK) by handling negotiation of protocols and algorithms and to generate the encryption and authentication keys to eb used by IPSec. Authentication Header (AH) to provide protection against replay attacks. Encapsulating Security Payload (ESP) to provide confidentiality, data origin authentication, connection-less integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.

- : Thank You For Visit : -