P-2602H(W)(L)-DxA Series User’s Guide
Chapter 16 Introduction to IPSec 215
CHAPTER 16
Introduction to IPSec
This chapter introduces the basics of IPSec VPNs.
16.1 VPN Overview
A VPN (Virtual Private Network) provides secure communications between sites without the
expense of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption,
authentication, access control and auditing technologies/services used to transport traffic over
the Internet or any insecure network that uses the TCP/IP protocol suite for communication.
16.1.1 IPSec
Internet Protocol Security (IPSec) is a standards-based VPN that offers flexible solutions for
secure data communications across a public network like the Internet. IPSec is built around a
number of standardized cryptographic techniques to provide confidentiality, data integrity and
authentication at the IP layer.
16.1.2 Security Association
A Security Association (SA) is a contract between two parties indicating what security
parameters, such as keys and algorithms they will use.
16.1.3 Other Terminology
16.1.3.1 Encryption
Encryption is a mathematical operation that transforms data from "plaintext" (readable) to
"ciphertext" (scrambled text) using a "key". The key and clear text are processed by the
encryption operation, which leads to the data scrambling that makes encryption secure.
Decryption is the opposite of encryption: it is a mathematical operation that transforms
“ciphertext” to plaintext. Decryption also requires a key.
To Next Page
Loading...
