What is IP Security

IP Security: IP packets have no inherent security, so it is relatively easy to

  1. forge the contents of IP packets
  2. modify the contents of IP packets
  3. inspect the contents of IP packets in transit
  • Therefore, there is no guarantee that an IP datagram received is from the true sender and contains the original data that the sender placed in it.
  • Nor is there any guarantee that it was not inspected by a third party while the packet was travelling from source to destination.
  • IPSec is a method of protecting IP datagrams from all of the above hazards.
  • It provides protection in the form of
  1. data origin authentication
  2. connectionless data integrity authentication
  3. data content confidentiality
  4. anti-replay protection
  5. limited traffic flow confidentiality
  • It provides this protection via the Encapsulating Security Payload (ESP) or the Authentication Header (AH).

Architecture of IP Security 

  • The IPsec suite is an open standard. IPsec uses the following protocols to perform its various functions:
  • Authentication Headers (AH) provide connectionless integrity and data origin authentication for IP datagrams and provide protection against replay attacks.
  • Encapsulating Security Payloads (ESP) provide confidentiality, data-origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic-flow confidentiality.
  • Security Associations (SA) provide the bundle of algorithms and data that supply the parameters necessary for AH and/or ESP operations.
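The anti-replay service mentioned above is enforced by the receiver on the sequence number carried in the AH or ESP header. As an added example (not code from this page), the following reads the SPI and sequence number from an ESP header and runs a sliding anti-replay window in the style of RFC 4303 Appendix A; the SPI 0x1001 and the sequence of packets are constructed for the demonstration.

```python
import struct

ESP_PROTO = 50  # IANA protocol number in the IP Protocol / Next Header field for ESP
AH_PROTO = 51   # IANA protocol number for AH

def parse_esp_header(payload: bytes) -> tuple[int, int]:
    """Return (SPI, sequence number) from the 8-byte fixed ESP header (RFC 4303)."""
    if len(payload) < 8:
        raise ValueError("ESP header truncated")
    return struct.unpack("!II", payload[:8])  # both fields are 32-bit, network byte order

class ReplayWindow:
    """Receiver-side sliding anti-replay window (RFC 4303 Appendix A style, 32-bit sequence numbers)."""

    def __init__(self, size: int = 64):
        self.size = size
        self.mask = (1 << size) - 1
        self.last = 0      # highest sequence number accepted so far (right edge of the window)
        self.bitmap = 0    # bit i set => sequence number (last - i) has already been accepted

    def check_and_update(self, seq: int) -> bool:
        """Accept seq (True) if it is new and inside the window, otherwise reject it (False)."""
        if seq == 0:
            return False                       # 0 is never valid once anti-replay is enabled
        if seq > self.last:                    # newer than anything seen: slide the window right
            diff = seq - self.last
            self.bitmap = 1 if diff >= self.size else ((self.bitmap << diff) | 1) & self.mask
            self.last = seq
            return True
        diff = self.last - seq
        if diff >= self.size:
            return False                       # older than the window's left edge: stale packet
        if self.bitmap & (1 << diff):
            return False                       # already accepted once: this is a replay
        self.bitmap |= 1 << diff               # inside the window and new: mark it received
        return True

def replay_demo() -> list[bool]:
    """Run constructed ESP headers (SPI 0x1001, no encrypted body) through one window; return verdicts."""
    window = ReplayWindow()
    seqs = [1, 2, 5, 3, 3, 2, 200, 5, 137, 136]   # constructed: out-of-order, duplicate and stale packets
    verdicts = []
    for s in seqs:
        header = struct.pack("!II", 0x1001, s)    # constructed ESP header: SPI then sequence number
        _spi, seq = parse_esp_header(header)
        verdicts.append(window.check_and_update(seq))
    return verdicts
```

Calling `replay_demo()` shows that reordered packets inside the window are accepted, while a duplicate sequence number or one older than the window is rejected; an implementation that skipped this check would accept any captured packet again, which is exactly the replay hazard the page lists.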

Two different modes of IPSec:

IPSec can be implemented in a host-to-host transport mode, as well as in a network tunneling mode.

  1. Transport mode: In transport mode, only the payload of the IP packet is usually encrypted and/or authenticated; the original IP header is left in place.
  2. Tunnel mode: In tunnel mode, the entire IP packet is encrypted and/or authenticated. It is then encapsulated into a new IP packet with a new IP header. Tunnel mode is used to create virtual private networks for network-to-network communication.
