CSCI 4541 Lecture Notes - Lecture 7: Internet Key Exchange, Ipsec, Internet Architecture Board

Issued in 1994 by the internet architecture board (iab) Need to secure the network infrastructure from unauthorized monitoring and control of network traffic. Need to secure end-user-to-end-user traffic using authentication and encryption mechanisms. Iab included authentication and encryption as necessary security features in the next generation ip (ipv6) The ipsec specification now exists as a set of internet standards. Ipsec provides the capability to secure communications across a lan, private and public. Secure branch office connectivity over the internet. Establishing extranet and intranet connectivity with partners. Principal feature of ipsec is that it can encrypt and/or authenticate all traffic at the ip level. Thus all distributed applications (remote logon, client/server, e-mail, file transfer, ** figure 20. 1 displays an ip security scenario ** When ipsec is implemented in a firewall or router, it provides strong security that can be applied to all traffic crossing the perimeter. Traffic within a company or workgroup does not incur the overhead of security-related processing.