The Internet connects millions of people around the world and allows for immediate communication and access to a seemingly limitless amount of information. Data, video, and voice, almost every single type of communication, travels across the Internet. Some of this communication is private.
The language of the Internet is IP, the Internet Protocol. Everything can, and does, travel over IP. One thing IP does not provide, though, is security. IP packets can be forged, modified, and inspected en route. IPSec is a suite of protocols that seamlessly integrate security into IP and provide data source authentication, data integrity, confidentiality, and protection against replay attacks.
With IPSec, the power of the Internet can be exploited to its fullest potential.
Communication is the lifeblood of business. Without a guarantee that a customer's order is authentic, it is difficult to bill for a service. Without a guarantee that confidential information will remain confidential, it is impossible for businesses to grow and partnerships to be formed.
Unless there is a guarantee that records and information can remain confidential, the health care industry cannot utilize the Internet to expand its services and cut its costs.
Personal services, such as home banking, securities trading, and insurance can be greatly simplified and expanded if these transactions can be done securely.
The growth of the Internet is truly dependent on security, and the only technique for Internet security that works with all forms of Internet traffic is IPSec. IPSec runs over the current version of IP, IPv4, and also the next generation of IP, IPv6. In addition, IPSec can protect any protocol that runs on top of IP such as TCP, UDP, and ICMP. IPSec is truly the most extensible and complete network security solution.
IPSec enables end-to-end security so that every single piece of information sent to or from a computer can be secured. It can also be deployed inside a network to form Virtual Private Networks (VPNs) where two distinct and disparate networks become one by connecting them with a tunnel secured by IPSec.
This book discusses the architecture, design, implementation, and use of IPSec. Each of the protocols in the suite commonly referred to as "IPSec" (the Authentication Header, Encapsulating Security Payload, and Internet Key Exchange) is examined in detail. Common deployments of IPSec are discussed and future work on problem areas is identified.
This book is intended for an audience with an interest in network security as well as those who will be implementing secure solutions using IPSec, including building VPNs and e-commerce, and providing end-to-end security. Cryptography and networking basics are discussed in early chapters for those who are neither cryptography nor networking professionals.