IPSec Full Form
IPSec stands for Internet Protocol Security. It is a suite of protocols between two communication points across the IP network that provides data authentication, data integrity, and confidentiality. It was developed by Internet Engineering Task Force(IETF) in 1995. It defines the architecture for security services for IP network traffic and gives a framework for providing security at the IP layer, as well as the suite of protocols designed to provide security through authentication and encryption of IP network packets.IPsec includes the protocols that define the cryptographic algorithms used for encryption, decryption, and authentication.
Types of Securities
It defines two mechanism for security on IP packets:
- ESP Protocol(Encapsulating Security Payload Protocol): It provides method for encrypting data in IP packets.
- AH Protocol(Authentication Header Protocol): It defines method for digitally signing IP packets.
Example: IPSec can be used for providing security for routers sending routing data across the public internet securely.
Characteristics of IPSec
Advantages of IPSec
- IPSec operates at layer 3, that is the network layer, as a result it has no impact on higher network layers. It provides transparency to application. The end-user need not to bother about the IPSec or its configurations.
- As it is implemented at the network layer, IPSec allows monitoring all the traffic that passes over the network.
- During any data exchange, IPSec uses a public key that helps in the safe transfer of confidential data, as a result securing the keys ensures safe data transfer.
- IPSec only requires modifications to the operating system, so IPSec based Virtual Private Networks do not need to worry about the type of application.
Disadvantages of IPSec
- One of the greatest disadvantages of IPSec is its wide access range, giving access to a single device of IPSec based network, can give privileges for other devices too.
- IPSec causes some compatibility issues with software if software developers do not adhere to the standards of IPSec.
- IPSec has high C.P.U usage when the data packet size is small, the performance of the network diminishes due to large overhead used by IPSec.
- Security of certain algorithms used in IPSec is a concern, if someone uses broken algorithm, the server will be at a greater risk of a hack.