Internet Protocol Security (IPsec) is a protocol within the TCP/IP suite that encrypts and authenticates IP packets. It is designed to secure any application traffic because it resides on the network layer (or Internet layer, as TCP/IP programmers refer to it). This protocol is used in conjunction with virtual private networks and is an integral part of IPv6. There are three main protocols that IPsec uses to perform its necessary functions:
• Security association (SA): This generates the encryption and authentication keys that are used by IPsec.
• Authentication header (AH): This provides connectionless integrity and the authentication of data. It also provides protection against replay attacks.
• Encapsulating security payload (ESP): This provides the same services as AH but also provides confidentiality when sending data.
The particular IPsec protocol that is used is determined by the application utilizing IPsec.
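The replay protection listed for AH rests on a sequence number carried in each header and checked by the receiver against a sliding window kept per security association. The following is an added example, not part of the original text: it parses an AH header and applies such a window check. The window size, the SPI value, the zeroed ICV and all function names are assumptions for illustration, and the ICV is assumed to have been verified before the window is consulted.

```python
import struct

WINDOW = 64  # window size in packets (assumed value for this sketch)

def parse_ah(data: bytes) -> dict:
    """Parse an Authentication Header: next header, length, SPI, sequence number, ICV."""
    if len(data) < 12:
        raise ValueError("truncated AH header")
    next_hdr, payload_len, _rsv, spi, seq = struct.unpack("!BBHII", data[:12])
    total = (payload_len + 2) * 4  # length field counts 32-bit words minus 2
    if total < 12 or len(data) < total:
        raise ValueError("AH length field inconsistent with packet")
    return {"next_header": next_hdr, "spi": spi, "seq": seq,
            "icv": data[12:total], "payload": data[total:]}

class ReplayWindow:
    """Receiver-side sliding window over sequence numbers, one per SA."""
    def __init__(self):
        self.top = 0     # highest sequence number accepted so far
        self.bitmap = 0  # bit i set means (top - i) was already accepted

    def accept(self, seq: int) -> bool:
        # Call only after the ICV has verified, so forged packets cannot move the window.
        if seq == 0:
            return False                      # senders start counting at 1
        if seq > self.top:                    # new highest value: slide the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= WINDOW or self.bitmap & (1 << offset):
            return False                      # too old, or a duplicate (replay)
        self.bitmap |= 1 << offset            # late but new: mark as seen
        return True

def make_ah(spi: int, seq: int) -> bytes:
    """Constructed sample packet: next header 6 (TCP), 12-byte all-zero placeholder ICV."""
    return struct.pack("!BBHII", 6, 4, 0, spi, seq) + bytes(12) + b"data"

def run_demo() -> list:
    windows, results = {}, []
    for seq in (1, 3, 2, 2, 100, 36, 37, 0):  # constructed arrival order
        hdr = parse_ah(make_ah(0x1001, seq))
        win = windows.setdefault(hdr["spi"], ReplayWindow())
        results.append((hdr["seq"], win.accept(hdr["seq"])))
    return results

if __name__ == "__main__":
    for seq, ok in run_demo():
        print(f"seq={seq:<4} {'accepted' if ok else 'dropped'}")
```

The second arrival of sequence number 2 is dropped as a duplicate, and 36 is dropped because it falls outside the 64-packet window once 100 has been accepted. ESP carries the same SPI and sequence number fields at the start of its header, so the same window logic applies there.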