IPSec Full Form

IPSec stands for Internet Protocol Security. It is a suite of protocols that provides data authentication, data integrity, and confidentiality between two communication points across an IP network. It was developed by the Internet Engineering Task Force (IETF) in 1995. It defines the architecture for security services for IP network traffic and gives a framework for providing security at the IP layer, together with the protocols that provide that security through authentication and encryption of IP network packets. IPSec also includes the protocols that define the cryptographic algorithms used for encryption, decryption, and authentication.


Types of Securities

It defines two mechanisms for security on IP packets:

  • ESP Protocol (Encapsulating Security Payload Protocol): It provides a method for encrypting data in IP packets.
  • AH Protocol (Authentication Header Protocol): It defines a method for digitally signing IP packets.

Example: IPSec can be used to secure the routing data that routers send across the public internet.

Characteristics of IPSec

  • Anti-Replay Protection: IPSec assigns a unique sequence number to each packet. When a packet with a duplicate sequence number is detected, it is treated as a replay and dropped.
  • Data Authentication: The Hash Message Authentication Code (HMAC) verifies that the packets have not been changed.
  • Transparency: IPSec works below the transport layer, so it is transparent to users and applications.
  • Confidentiality: Data packets are encrypted by the sender before transmission, so that sensitive data reaches only the intended recipient.
  • Dynamic Re-Keying: Re-keying at set intervals replaces manual reconfiguration of secret keys.
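
The anti-replay check from the list above, as an added example that is not code from the original article: a receiver-side sliding window over 32-bit sequence numbers that accepts late but fresh packets and drops duplicates and packets older than the window. The 64-packet window size and the names replay_state, replay_accept, replay_run and sample_seqs are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define REPLAY_WINDOW 64u /* assumed window size in packets */

/* Receiver-side state for one security association (hypothetical name). */
struct replay_state {
    uint32_t highest; /* highest sequence number accepted so far */
    uint64_t bitmap;  /* bit i set: sequence number (highest - i) was seen */
};

/* Returns true and records seq if it is fresh; false if it must be dropped.
 * Meant to run after the packet's HMAC verified, so forgeries cannot move it. */
bool replay_accept(struct replay_state *st, uint32_t seq)
{
    if (seq == 0)
        return false; /* senders start counting at 1 */
    if (seq > st->highest) { /* newer than anything seen: slide the window */
        uint32_t shift = seq - st->highest;
        st->bitmap = (shift >= REPLAY_WINDOW) ? 0 : st->bitmap << shift;
        st->bitmap |= 1;
        st->highest = seq;
        return true;
    }
    uint32_t offset = st->highest - seq;
    if (offset >= REPLAY_WINDOW)
        return false; /* older than the window: cannot be checked, drop */
    uint64_t mask = (uint64_t)1 << offset;
    if (st->bitmap & mask)
        return false; /* duplicate sequence number: replay, drop */
    st->bitmap |= mask; /* arrived out of order but fresh */
    return true;
}

/* Feeds n sequence numbers (n <= 32) to a new SA; bit i of the result is
 * set when packet i was accepted. */
uint32_t replay_run(const uint32_t *seqs, size_t n)
{
    struct replay_state st = {0, 0};
    uint32_t accepted = 0;
    for (size_t i = 0; i < n && i < 32; i++)
        if (replay_accept(&st, seqs[i]))
            accepted |= (uint32_t)1 << i;
    return accepted;
}

/* Constructed sample traffic: sequence numbers 5 and 3 are each replayed once. */
const uint32_t sample_seqs[] = {1, 2, 5, 3, 5, 3, 4};
```

Calling replay_run(sample_seqs, 7) accepts every packet except the two replays at positions 4 and 5.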

Advantages of IPSec

  • IPSec operates at layer 3, the network layer, so it has no impact on higher network layers. It is transparent to applications, and the end user need not be concerned with IPSec or its configuration.
  • As it is implemented at the network layer, IPSec allows monitoring of all the traffic that passes over the network.
  • During any data exchange, IPSec uses a public key that helps in the safe transfer of confidential data; as a result, securing the keys ensures safe data transfer.
  • IPSec only requires modifications to the operating system, so IPSec-based Virtual Private Networks do not need to worry about the type of application.

Disadvantages of IPSec

  • One of the greatest disadvantages of IPSec is its wide access range: giving access to a single device in an IPSec-based network can give privileges to other devices too.
  • IPSec causes some compatibility issues with software if software developers do not adhere to the IPSec standards.
  • IPSec has high CPU usage. When the data packet size is small, the performance of the network diminishes because of the large overhead used by IPSec.
  • The security of certain algorithms used in IPSec is a concern: if someone uses a broken algorithm, the server will be at greater risk of being hacked.
