This book details the suite of IP security protocols and their interaction with users, systems, and devices. It includes in-depth descriptions of the various IPSec communications and key management protocols that provide the foundation of secure communications. It presents examples of implementation and real-world experience and compares them to the standards that make up IPSec. The author provides a technical explanation of a very complicated and misunderstood technology in terms that allow even the most novice of individuals to understand the inner workings of IPSec.
IPsec is a framework of open standards for ensuring private communications over IP networks which has become the most popular network layer security control. It can provide several types of data protection: confidentiality, integrity, data origin authentication, prevention of packet replay and traffic analysis, and access protection.
IPsec has several uses, the most common being a virtual private network (VPN). This is a virtual network built on top of existing physical networks that can provide a secure communications mechanism for data and IP information transmitted between networks. Although VPNs can reduce the risks of networking, they cannot eliminate them. For example, a VPN implementation may have flaws in algorithms or software, or insecure configuration settings and values, that attackers can exploit. There are three primary models for VPN architectures, as follows:
+ Gateway-to-gateway. It connects two networks by deploying a gateway to each network and establishing a VPN connection between the two gateways. The VPN protects communications only between the two gateways. The gateway-to-gateway model is most often used when connecting two secured networks, such as a branch office and headquarters, over the Internet.
+ Host-to-gateway. It connects hosts on various networks with hosts on the organization’s network by deploying a gateway to the organization’s network and permitting external hosts to establish individual VPN connections to that gateway. The VPN protects communications only between the hosts and the gateway. The host-to-gateway model is most often used for hosts on unsecured networks, such as traveling employees.
+ Host-to-host. It connects hosts to a single target host by deploying VPN software to each host and configuring the target host to receive VPN connections from the other hosts. This is the only VPN model that provides protection for data throughout its transit. It is most often used when a small number of users need to use or administer a remote system that requires the use of insecure protocols.
The guide provides an overview of the types of security controls that can provide protection for Transmission Control Protocol/Internet Protocol (TCP/IP) network communications, which are widely used throughout the world. TCP/IP communications are composed of four layers that work together: application, transport, network, and data link. Security controls exist for network communications at each of the four layers. As data is prepared for transport, it is passed from the highest to the lowest layer, with each layer adding more information. As a result, a security control at a higher layer cannot provide full protection for lower layers, because the lower layers perform functions of which the higher layers are not aware.
IPsec is a network layer control with several components. IPsec has two security protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP). AH can provide integrity protection for packet headers and data. ESP can provide encryption and integrity protection for packets, but cannot protect the outermost IP header, as AH can. The capability for integrity protection was added to the second version of ESP, which is used by most current IPsec implementations; accordingly, the use of AH has significantly declined. IPsec typically uses the Internet Key Exchange (IKE) protocol to negotiate IPsec connection settings, exchange keys, authenticate endpoints to each other, and establish security associations, which define the security of IPsec-protected connections. IPsec can also use the IP Payload Compression Protocol (IPComp) to compress packet payloads before encrypting them.
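The difference in integrity coverage between AH and ESP can be seen in a simplified model. The following is an added example, not taken from the book or the guide: it assumes HMAC-SHA-256 truncated to 16 bytes as the integrity algorithm, a minimal IPv4 header without options, and constructed keys, addresses, and payload. It computes the integrity check value (ICV) the way each protocol scopes it and reports whether the check still verifies after a field of the outermost IP header changes in transit.

```python
import hashlib, hmac, socket, struct

KEY = b"constructed-demo-key"            # constructed sample integrity key
SPI_SEQ = struct.pack("!II", 0x1001, 1)  # constructed SPI and sequence number
DATA = b"constructed payload"            # stands in for upper-layer data / ESP ciphertext

def outer_header(src="192.0.2.10", ttl=64, proto=51):
    """Minimal 20-byte outer IPv4 header; proto 51 = AH, 50 = ESP.
    Total length is simplified and the checksum is left at zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(DATA), 0x1234, 0,
                       ttl, proto, 0, socket.inet_aton(src),
                       socket.inet_aton("198.51.100.20"))

def zero_mutable(hdr):
    """AH treats fields that routers legitimately change as zero."""
    h = bytearray(hdr)
    h[1] = 0               # DSCP / ECN
    h[6:8] = b"\x00\x00"   # flags and fragment offset
    h[8] = 0               # TTL
    h[10:12] = b"\x00\x00" # header checksum
    return bytes(h)

def mac(data):
    return hmac.new(KEY, data, hashlib.sha256).digest()[:16]

def ah_icv(ip_hdr, data=DATA):
    """AH: ICV covers the outer header (immutable fields), the AH header, and the data."""
    ah = struct.pack("!BBH", 6, 5, 0) + SPI_SEQ + bytes(16)  # ICV field zeroed
    return mac(zero_mutable(ip_hdr) + ah + data)

def esp_icv(ip_hdr, data=DATA):
    """ESP: ICV covers the ESP header and what follows; ip_hdr is deliberately unused."""
    return mac(SPI_SEQ + data)

def verifies(icv_fn, proto, **changed):
    """True if the ICV computed by the sender still matches after the outer
    header fields named in `changed` are altered in transit."""
    sent = icv_fn(outer_header(proto=proto))
    received = icv_fn(outer_header(proto=proto, **changed))
    return hmac.compare_digest(sent, received)

if __name__ == "__main__":
    for name, fn, proto in (("AH", ah_icv, 51), ("ESP", esp_icv, 50)):
        print(name, "TTL changed:", verifies(fn, proto, ttl=63),
              "| source address changed:", verifies(fn, proto, src="203.0.113.5"))
```

A changed TTL passes under both protocols because AH excludes mutable fields, while a changed source address fails only under AH, since ESP's check never included the outermost header.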