
	Where results make sense

Topic: IPsec

Related Topics

Authentication Header

Internet Control Message Protocol

Transport layer

Exterior Gateway Protocol

Network layer

Internet Protocol

OSI model

Generic Routing Encapsulation

BGP

Routing

IGRP

IP address

L2TPv3

WiFi

Topics in cryptography

In the News (Sun 29 Nov 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	IPsec - Wikipedia, the free encyclopedia
		IPsec (IP security) is a suite of protocols for securing Internet Protocol (IP) communications by encrypting and/or authenticating each IP packet in a data stream.
		IPsec is an obligatory part of IPv6, and is optional for use with IPv4.
		IPsec was intended to provide either transport mode: end-to-end security of packet traffic in which the end-point computers do the security processing, or tunnel mode: portal-to-portal communications security in which security of packet traffic is provided to several machines (even to whole LANs) by a single node.
	en.wikipedia.org /wiki/IPsec (1545 words)

	RFC 2401 (rfc2401) - Security Architecture for the Internet Protocol
		IPsec can be used to protect one or more "paths" between a pair of hosts, between a pair of security gateways, or between a security gateway and a host.
		Note that any IPsec headers processed in these steps may have been removed, but that this information, i.e., what SAs were used and the order of their application, may be needed for subsequent IPsec or firewall processing.
		In the IPsec context, the resource to which access is being controlled is often: o for a host, computing cycles or data o for a security gateway, a network behind the gateway or bandwidth on that network.
	www.faqs.org /rfcs/rfc2401.html (17250 words)

	Using IPSec in Windows 2000 and XP, Part 1
		IPSec is an architecture consisting of several protocol standards aimed at protecting IP traffic.
		IPSec is commonly used to refer to the secure IP packets of the AH and ESP protocols, because these provide the major security services.
		IPSec is designed to secure traffic at the IP layer, transparently to the other layers and applications.
	www.securityfocus.com /infocus/1519 (1943 words)

	An Illustrated Guide to IPsec
		IPsec is a suite of protocols for securing network connections, but the details and many variations quickly become overwhelming.
		IPsec would be nearly useless without the cryptographic facilities of authentication and encryption, and these require the use of secret keys known to the participants but not to anyone else.
		IPsec's ESP protocol performs encryption of payload using one of several available algorithms, but a NULL encryption algorithm is typically made available for testing.
	www.unixwiz.net /techtips/iguide-ipsec.html (5364 words)

	IPSEC Protocol Overview
		IPSEC is a framework for security that operates at the Network Layer by extending the IP packet header (using additional protocol numbers, not options).
		Linux IPSEC support (the FreeS/WAN project), for example, isn't included in the standard kernel distribution for this reason, and has to be applied as an add-on.
		IPSEC is well suited for this environment, more so than tunneling PPP over SSL or SSH, since it operates directly on the IP packets and preserves a one-to-one correspondence between packets inside and outside the network.
	www.freesoft.org /CIE/Topics/141.htm (579 words)

	Understanding IPSec
		IPSec is a bundle of protocols and algorithms and is a flexible framework that allows vendors who build it into their products to select the algorithms, keys, and authentication methods they want to use.
		To understand IPSec better, the two protocols worth understanding first are AH and ESP. AH is used to authenticate users, and ESP applies cryptographic protections that provide authentication, integrity, and confidentiality of messages.
		IPSec is typically used to attain confidentiality, integrity, and authentication in the transport of data across insecure channels.
	www.intranetjournal.com /articles/200206/se_06_13_02a.html (543 words)

	SecurityDocs: IPSec
		IPsec is used to create tunnels for Virtual Private Networks (VPN), and also provide confidentiality, authenticity, and integrity of data through use of encryption algorithms.
		IPSEC is a complex and highly mathematical subject, and many of the in depth technical issues will be beyond the scope of this paper, however, an attempt will be made to show the reader the importance of a basic understanding of these underlying operations and tools.
		IPSec is one of the best methods of creating an encrypted, authenticated tunnel to these resources, but at the same time, the current IPSec standards do not specify a method of providing clients an internal IP configuration nor a method for authenticating more than the computer that the user is currently using for the connection.
	www.securitydocs.com /Encryption/IPSec (1144 words)

	NIST IPsec Project
		The NIST IPsec Project is concerned with providing authentication, integrity and confidentiality security services at the Internet (IP) Layer, for both the current IP protocol (IPv4) and the next generation IP protocol (IPv6).
		These security facilities (known as IPsec) are significant since they will be used to secure the infrastructure of the Internet (routing, DNS, etc.) and they can also be used to protect application-level Internet communications.
		The IETF has mandated the use of IPsec wherever feasible; the standards documents are close to completion, and there are numerous implementations.
	csrc.nist.gov /ipsec (621 words)

	How to block specific network protocols and ports by using IPSec
		IPSec policies can be applied locally or be applied to a member of a domain as part of that domain's group policies.
		For environments where IPSec policies are assigned by a Group Policy setting, you have to update the whole domain’s policy to block the particular protocol and port.
		Where IPSec is used only to permit and block traffic, remove the exemptions for Kerberos and RSVP protocols by changing a registry value.
	support.microsoft.com /kb/813878 (3857 words)

	Cisco - An Introduction to IP Security (IPSec) Encryption
		IPsec does not use the ESA acceleration, but it does work in a box that has an ESA card on a software-only basis.
		IPsec introduces packet expansion, which is more likely to require fragmentation and the corresponding reassembly of IPsec datagrams.
		IPsec uses IP protocols 50 and 51, and IKE traffic passes on protocol 17, port 500 (UDP 500).
	www.cisco.com /warp/public/105/IPSECpart1.html (7253 words)

	NetBSD IPsec FAQ
		IPsec (IP security protocol) is part of the NetBSD distributions, it provides per-packet authenticity/confidentiality guarantees between peers communicate using IPsec.
		IPsec policy decides which IPsec protocols (AH, ESP or IPcomp) to be used against a packet.
		IPsec policy rule is not tested enough for explicit protocol specification other than tcp/udp.
	www.netbsd.org /Documentation/network/ipsec (3333 words)

	VPN over IPsec
		The FreeBSD IPsec “network stack” is based on the KAME implementation, which has support for both protocol families, IPv4 and IPv6.
		Note, that it is not currently possible to use the “Fast IPsec” subsystem in lieu of the KAME implementation of IPsec.
		IPsec provides a mechanism for two hosts to agree on an encryption key, and to then use this key in order to encrypt data between the two hosts.
	www.freebsd.org /doc/en_US.ISO8859-1/books/handbook/ipsec.html (3373 words)

	What is IPsec? - a definition from Whatis.com - see also: Internet Protocol Security
		IPsec is said to be especially useful for implementing virtual private networks and for remote user access through dial-up connection to private networks.
		Cisco has been a leader in proposing IPsec as a standard (or combination of standards and technologies) and has included support for it in its network routers.
		IPsec provides two choices of security service: Authentication Header (AH), which essentially allows authentication of the sender of data, and Encapsulating Security Payload (ESP), which supports both authentication of the sender and encryption of data as well.
	searchsecurity.techtarget.com /sDefinition/0,,sid14_gci214037,00.html (316 words)

	RFC 2411 (rfc2411) - IP Security Document Roadmap
		Abstract The IPsec protocol suite is used to provide privacy and authentication services at the IP layer.
		Interrelationship of IPsec Documents The documents describing the set of IPsec protocols are divided into seven groups.
		The IPsec Architecture document specifies how keys are extracted from a single block of keying material when multiple keys are required (e.g.
	www.faqs.org /rfcs/rfc2411.html (2228 words)

	[No title]
		When these mechanisms are correctly implemented and deployed, they ought not to adversely affect users, hosts, and other Internet components that do not employ these security mechanisms for Kent & Atkinson Standards Track [Page 4] RFC 2401 Security Architecture for IP November 1998 protection of their traffic.
		Hence, in the Kent & Atkinson Standards Track [Page 8] RFC 2401 Security Architecture for IP November 1998 discussions that follow, SAs will be described in the context of point-to-point communication, even though the concept is applicable in the point-to-multipoint case as well.
		Bump-in-the-stack implementations, where IPsec is implemented "underneath" an existing implementation of a TCP/IP protocol stack, between the native IP and the local network drivers Kent & Atkinson Standards Track [Page 37] RFC 2401 Security Architecture for IP November 1998 c.
	www.ietf.org /rfc/rfc2401.txt (16921 words)

	Linux VPN Masquerade
		It can also be used to provide access to a Private Network IPsec or PPTP server behind a Linux firewall...
		The IPsec AH protocol (51/ip) incorporates a cryptographic checksum including the IP addresses in the IP header.
		Therefore, IPsec VPNs that use the AH protocol cannot be successfully masqueraded.
	www.impsec.org /linux/masquerade/ip_masq_vpn.html (2211 words)

	What is IPsec? - A Word Definition From the Webopedia Computer Dictionary (Site not responding. Last check: 2007-10-10)
		IPsec has been deployed widely to implement Virtual Private Networks (VPNs).
		For IPsec to work, the sending and receiving devices must share a public key.
		IP-based SANs are attractive alternatives to their more expensive and complex Fibre Channel counterparts, but securing IP communications remains a significant concern.
	webopedia.com /TERM/I/IPsec.html (250 words)

	IP Security Protocol (ipsec) Charter
		The NULL Encryption Algorithm and Its Use With IPsec (RFC 2410) (11239 bytes)
		The AES-CBC Cipher Algorithm and Its Use with IPsec (RFC 3602) (30254 bytes)
		UDP Encapsulation of IPsec Packets (RFC 3948) (0 bytes)
	www.ietf.org /html.charters/OLD/ipsec-charter.html (855 words)

	IPsec
		IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.
		IPsec is supported by the Microsoft Windows Server 2003, Microsoft Windows XP, and Windows 2000 operating systems and is integrated with the Active Directory directory service.
		IPsec policies can be assigned through Group Policy, which allows IPsec settings to be configured at the domain, site, or organizational unit level.
	www.microsoft.com /technet/itsolutions/network/ipsec/default.mspx (730 words)

	End-to-end... and everything in between
		There are bits and pieces of the actual Solaris IPsec missing from OpenSolaris (especially from ESP) that will show up on OpenSolaris soon as well, now that we're officially open-source.
		I wasn't allowed (yes, I'm serious; and no, it had nothing to do with any government interference) to work on IPsec or IKE when I first got to Sun, but the RFC was work that was a continuation from my previous job.
		It instead calls directly into IPsec (and if we had other in-kernel consumers, it would directly call to those) and returns a message to the user immediately.
	blogs.sun.com /danmcd/date/20050614 (1693 words)

	Block Ping Traffic with IPSec
		IPSec is a protocol that’s designed to protect individual TCP/IP packets traveling across your network by using public key encryption.
		This is not the place for a more detailed intro to the IPSec features, but know that besides encryption, IPSec will also let you protect and configure your server/workstation with a firewall-like mechanism.
		Simply by creating a policy element that will tell the computer to block all the specific IP traffic that is configured by those rules.
	www.petri.co.il /block_ping_traffic_with_ipsec.htm (1003 words)

	IPSec White Papers, IPSec Webcasts, IPSec Product Information and IPSec IT Downloadsfrom Top IT Vendors (Site not responding. Last check: 2007-10-10)
		SUMMARY: This paper compares the value and capabilities of carrier options, IPSec tunneling, and dual MPLS network backup regimes in terms of security, QoS, last mile, full failure, and cost.
		IPSEC DEFINITION (continued): … is said to be especially useful for implementing
		Cisco has been a leader in proposing IPsec as a standard (or combination of standards and technologies) and has included support for it in its network
	www.bitpipe.com /data/rlist?t=soft_10_100_66_4 (264 words)

	Virtual Private Network Consortium -- VPNC (Site not responding. Last check: 2007-10-10)
		This testing is available to our IPsec and SSL members.
		The current issue of the newsletter is available here, and previous issues of the news letter are also available.
		The ietf-xauth and ietf-mode-cfg mailing lists are for discussing these two protocols that are no longer part of the IPsec WG's charter.
	www.vpnc.org (320 words)

Try your search on: Qwika (all wikis)