Showing posts from August 26, 2007

IPSec Standards and Protocols: AH and ESP

IPSec is one of several VPN standards that have allowed secure, low-cost connectivity and data transport between locations over unsecured communication lines. Although IPSec is most commonly used over the Internet, its use has been extended to secure communications within local area networks, both between client and server and from server to server.

When designing and implementing a VPN solution, it is important to understand that IPSec is not a single protocol but is composed of many protocols that can be combined to provide varying levels of protection. The ability to choose and combine different protocols makes IPSec extremely flexible and manageable, provided the implementer understands the primary protocols and connection modes used in the IPSec standard.

The two protocols that, individually or in tandem, form the backbone of IPSec are Authentication Header (AH) and Encapsulating Security Payload (ESP). The two modes that an IPSec connection, known as a Security Association (SA), can operate in are…