Internet Protocol Security IPSec is actually a suite of protocols. Each protocol within the suite provides different functionality. Collective IPSec does everything except.
IPSec is a suite of protocols that provide security services at IP layer of TCP/IP stack i.e. Network Layer in OSI model.
As Andy Lemke mentioned, IPSec suite comprises of two protocols to offer security to
1. AH - Authentication Header Protocol.(Protocol no: 51)
2. ESP - Encapsulation of security payload Protocol. (Protocol no:50)
AH provides authentication, integrity and anti-replay services at Network Layer and above.
ESP provides authentication, integrity, anti-replay and confidentiality services at Transport Layer and above.
Hence, we can say, IPSec(AH+ESP) operates at Network Layer and provide security services at Network and above layers.
A note on IKE protocol
Its imperative that, if two entities want to communicate securely, they should share secret keys to set up a secure connection, encrypt and decrypt messages etc. Hence, Apart from AH and ESP , most of the IPSec implementations also use a Key exchange and management protocol that generates, negotiates and manages secret keys for establishing a secure channel between communicating entities. This key exchange protocol is called IKE - Internet Key exchange protocol.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TrendMicroDLPSSucks
9 months, 2 weeks ago