Security Portal: IPSec – The standard way to encrypt TCP/IP traffic

“The need to leverage the massive IP network known as the
Internet for private and sensitive communications has led to the
adoption of Virtual Private Networks. VPNs began in their infancy
in 1996, but have been hampered by a lack of standards, product
compatibility and quality of service issues. Fast forward to 1999,
and VPN adoption has grown tremendously in the WAN market as an
alternative to private networks, due to many improvements in
performance and ease of use, built on a basis of standards. While
VPNs have been originally thought of as technologies to embed in
routers or firewalls to connect networks, second generation
thinking has progressed beyond this limited vision. In a world of
distributed security, with threats both external and internal,
secured VPN connections must be possible between any two endpoints:
client to router, host to host, etc. This is only possible through
robust standards. While there have been proprietary attempts at VPN
technology, IPSec is the RFC standard to provide encrypted
communications over TCP/IP. In order to provide compatibility with
existing TCP/IP networks, fields in a packet such as source and
destination addresses, packet type and checksum pass in clear text.
However, the data portion itself is encrypted.”

“The battle is over and IPSec has won. Earlier, and competitive
challenges, such as PPTP from Microsoft and L2TP from Cisco have
shown that they simply do not measure up. The forthcoming Windows
2000 includes IPSec. It already is supported in all major firewalls
and many routers. As we shall see, you can also obtain IPSec for
Linux distributions.”