IPsec (Internet Protocol Security) is a
framework for a set of protocols
for security at the network or packet processing layer of network
communication.
Earlier security approaches have
inserted security at the Application layer of the communications model. IPsec
is said to be especially useful for implementing virtual private networks and for
remote user access through dial-up connection to private networks. A big
advantage of IPsec is that security arrangements can be handled without
requiring changes to individual user computers. Cisco has been a leader in
proposing IPsec as a standard (or combination of standards and technologies)
and has included support for it in its network routers.
Internet Protocol security (IPsec)
is a framework of open standards for helping to ensure private, secure
communications over Internet Protocol (IP) networks through the use of cryptographic
security services. IPsec supports network-level data integrity, data
confidentiality, data origin authentication, and replay protection . Because IPsec
is integrated at the Internet layer (layer 3), it provides security for almost
all protocols in the TCP/IP suite, and because IPsec is applied transparently
to applications, there is no need to configure separate security for each
application that uses TCP/IP.
IPsec helps provide defense-in-depth
against:
- Network-based attacks from untrusted computers, attacks that can result in the denial-of-service of applications, services, or the network
- Data corruption
- Data theft
- User-credential theft
- Administrative control of servers, other computers, and the network.
No comments:
Post a Comment