IPsec

	IPsec
advICE :Reference :Networking : IPsec

IPsec is a suite of cryptographic extensions to the normal TCP/IP protocol suite. Before IPsec, applications had to handle their own cryptography functions (like SSL for HTTP). With IPsec, this logic can be pushed down to the network layer.
IPsec works in three primary modes:

Host-to-Host
An encrypted connections is created between two hosts, in much the same way that SSL creates an encrypted connection from the web browser to the web server.
Host-to-Network
Allows VPN style functionality, where remote users can log onto the local network with a secure connection.
Network-to-Network
Allows two separate networks to be connected securely with the Internet. In this case, it is generally configured as Router-to-Router. It allows things like connecting remote branch offices with the main network.

Protocol (4)
How IPsec looks on the wire
IKE (1)
Internet Key Exchange

Crypto (10)
Cryptography within IPsec

FAQ: Using IPsec with OpenBSD
RFC2401 - Security Architecture for the Internet Protocol
Sets out the goals of IPsec.
RFC2411 - IP Security Document Roadmap
Lewis' IPSEC Page-A page full of IPsec information.

RESOURCES

Books
FAQs
Intro
News
Lists
Notes

SEARCH