Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Portal: IPSec - The standard way to encrypt TCP/IP traffic

Jul 26, 1999, 13:54 (1 Talkback[s])
(Other stories by BO2K Information Cen)

"The need to leverage the massive IP network known as the Internet for private and sensitive communications has led to the adoption of Virtual Private Networks. VPNs began in their infancy in 1996, but have been hampered by a lack of standards, product compatibility and quality of service issues. Fast forward to 1999, and VPN adoption has grown tremendously in the WAN market as an alternative to private networks, due to many improvements in performance and ease of use, built on a basis of standards. While VPNs have been originally thought of as technologies to embed in routers or firewalls to connect networks, second generation thinking has progressed beyond this limited vision. In a world of distributed security, with threats both external and internal, secured VPN connections must be possible between any two endpoints: client to router, host to host, etc. This is only possible through robust standards. While there have been proprietary attempts at VPN technology, IPSec is the RFC standard to provide encrypted communications over TCP/IP. In order to provide compatibility with existing TCP/IP networks, fields in a packet such as source and destination addresses, packet type and checksum pass in clear text. However, the data portion itself is encrypted."

"The battle is over and IPSec has won. Earlier, and competitive challenges, such as PPTP from Microsoft and L2TP from Cisco have shown that they simply do not measure up. The forthcoming Windows 2000 includes IPSec. It already is supported in all major firewalls and many routers. As we shall see, you can also obtain IPSec for Linux distributions."

Complete Story

Related Stories: