Suite of IPsec protocols at the service of the VPNs and mobility

Add to my library

TE7545 V2 Article

Suite of IPsec protocols at the service of the VPNs and mobility

Author : Maryline LAURENT-MAKNAVICIUS

Publication date: November 10, 2007 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

Overview

ABSTRACT

Where the communication of a company is carried out via a public network it is important to remain extremely cautious. In order to address this safety issue, the Ipsec protocol, the secured version of IP appears to be the most comprehensive solution meeting the largest amount of scenarios. The compatibility issues of the IPsec suite with basic mechanisms are presented in this article. The use made of IPsec in order to secure the VPNs in the case of the interconnection of remote private networks and of remote access are also detailed.

Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.

Read the article

AUTHOR

  • Maryline LAURENT-MAKNAVICIUS : Professor GET/INT, Institut national des télécommunications, Evry

 INTRODUCTION

To facilitate inter- and intra-company communications, and thus improve business relations and productivity, many companies are looking for efficient, secure communication tools. Companies generally subscribe to VPN (Virtual Private Network) services from specialized companies (Internet service providers, operators, etc.).

In the future, these companies would like to offer their employees even greater flexibility, enabling them to communicate with any type of equipment (controlled, of course), anywhere and even on the move. Today, the techniques associated with mobility and security do not offer such flexibility, but the scientific community is working on it.

Wishes
Concerns

Whenever a company's communications are routed over a public network, it's important to be extremely cautious. Indeed, what is the proof that these exchanges will not be subject to eavesdropping during transfer, and that their content will not be revealed to a third party? This is just one of the many forms that industrial espionage can take.

What's more, what's to ensure that the traffic received actually comes from the declared terminal, and not from a malicious terminal that has usurped the identity of a legitimate terminal? This last question is all the more problematic as, in the long term, it is highly likely that users will be able to connect to their corporate network from any type of terminal.

Responses and developments

The IPsec (IP security) protocol, the secure version of IP, is the most comprehensive solution for this security issue, covering the widest range of scenarios.

This protocol, standardized by the IETF, makes it possible to authenticate communicating entities, ensure the authenticity, integrity and confidentiality of exchanged data, and maintain an acceptable level of security throughout connections, by periodically updating security parameters. IPsec is widely used today, in a VPN context, to secure the interconnection of remote private networks and, to a lesser extent, to secure remote access by a nomad to his or her private corporate network. On this latter point, IPsec is competing with SSL (Secure Socket Layer) VPN.

If this trend continues, operators' network infrastructures should gradually evolve towards "all-IP", and the IPsec solution should see new uses.

Details

This file describes the IPsec protocol suite, in particular the three sub-protocols: AH (Authentication Header), ESP (Encapsulating Security Payload), and...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


Ongoing reading
Suite of IPsec protocols at the service of the VPNs and mobility

Article included in this offer

"Networks and Telecommunications"

( 174 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Dans les ressources documentaires

Introduction d'IPv6 dans les réseaux mobiles - Impacts sur la sécurité

Cet article présente les options permettant d’introduire IPv6 dans les infrastructures mobiles, tout en g...

Gestion du roaming par AAA pour les services PPP et Mobile P

L'accès d'un utilisateur distant à un intranet suppose une opération d'authentification auprès du fournis...

Diffusion MPLS - Le meilleur du multicast IP et de l'ingénierie de trafic

La croissance significative des services IP, par exemple pour la diffusion de programmes télévisés, soulè...

VPN MPLS IPv6

La nouvelle architecture VPN BGP/MPLS IPv6 de type 6VPE normalisée à l'IETF peut être vue comme un mécani...

Tous les livres blancs
Article Comment surfer sur le web incognito
16 November 2014
Comment surfer sur le web incognito

Pour surfer anonymement, plusieurs méthodes : paramétrer son navigateur web de façon à ne rien conserver, en utilisant le “mode de navigation privée” ; ou utili...

Toutes les actualités
Contact us