Unformatted text preview: from a FR and ATM
environment to an IP VPN
— Teleworker lower connection costs by 20%-25% per month over traditional
dial up & ISDN. • Use of Standard Protocols – Internet Protocol IP and IPsec provide
needed standardization. • Simplification of Maintenance and Support – Reducing scalability issues and management complexity simplifies network operation. VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 10 • A person traveling to Paris, for example, could make phone calls from his laptop or transfer his
calls to his laptop. 10 VPN, IPSec and TLS What is IPsec?
IPsec / (1) A suit of security protocols standardized by
the Internet Engineering Task Force (IETF) that
address data privacy, integrity, authentication, and
key management, as well as, tunneling to TCP/IP
networks. (2) A secure architecture that supports
several applications that encrypt and/or authenticate
all traffic at the IP level. VPN IPsec IKE v2 TLS M. Mogollon – 01/08 - 11 • IPsec provides security services at the IP layer by enabling a system to select required security
protocols, determine the algorithm(s) to use for the service(s), and put in place any cryptographic
keys required to provide the requested services.
• IPsec can be used to protect one or more "paths" between a pair of communicating hosts,
between a pair of communicating security gateways, or between a security gateway and a host.
The term security gateway refers to an intermediate system that implements IPsec protocols. For
example, a router or a firewall implementing IPsec is a security gateway.
• IPsec provides the following security services: data origin authentication, access control,
confidentiality (encryption), connectionless integrity, rejection of replayed packets (a form of
partial sequence integrity), and limited traffic flow confidentiality. 11 VPN, IPSec and TLS Why IPsec
• IPsec-compliant products allow secure Virtual Private
Networks in any existing IP-based network. • IPsec is based on several strong encryption standards.
• IPsec provides security services such as: data origin
authentication, access control, c...
View Full Document
This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.
- Spring '10