What is IPSec?

The Internet Engineering Task Force developed IPSec in the 1990s to ensure data confidentiality, integrity, and authenticity when accessing public networks. For example, users connect to the internet with an IPSec virtual private network (VPN) to access company files remotely. The IPSec protocol encrypts sensitive information to prevent unwanted monitoring. The server can also verify that the received data packets are authorized.

IPSec encryption is a software function that scrambles data to protect its content from unauthorized parties. Data is encrypted by an encryption key, and a decryption key is needed to unscramble the information. IPSec supports various types of encryptions, including AES, Blowfish, Triple DES, ChaCha, and DES-CBC. 

IPSec uses asymmetric and symmetric encryption to provide speed and security during data transfer. In asymmetric encryption, the encryption key is made public while the decryption key is kept private. Symmetric encryption uses the same public key for encrypting and decrypting data. IPSec establishes a secure connection with asymmetric encryption and switches to symmetric encryption to speed up data transfer.

IPSec protocols send data packets securely. A data packet is a specific structure that formats and prepares information for network transmission. It consists of a header, payload, and trailer.

• A header is a preceding section that contains instructional information for routing the data packet to the correct destination. 
• Payload is a term that describes the actual information contained within a data packet.
• The trailer is additional data appended to the tail of the payload to indicate the end of the data packet. 

 Some IPSec protocols are given below.

Authentication header (AH)

The authentication header (AH) protocol adds a header that contains sender authentication data and protects the packet contents from modification by unauthorized parties. It alerts the recipient of possible manipulations of the original data packet. When receiving the data packet, the computer compares the cryptographic hash calculation from the payload with the header to ensure both values match. A cryptographic hash is a mathematical function that summarizes data into a unique value. 

Encapsulating security payload (ESP)

Depending on the selected IPSec mode, the encapsulating security payload (ESP) protocol performs encryption on the entire IP packet or only the payload. ESP adds a header and trailer to the data packet upon encryption. 

Internet key exchange (IKE)

Internet key exchange (IKE) is a protocol that establishes a secure connection between two devices on the internet. Both devices set up security association (SA), which involves negotiating encryption keys and algorithms to transmit and receive subsequent data packets. 

VPN, or virtual private network, is a networking software that allows users to browse the internet anonymously and securely. An IPSec VPN is a VPN software that uses the IPSec protocol to create encrypted tunnels on the internet. It provides end-to-end encryption, which means data is scrambled at the computer and unscrambled at the receiving server. 

SSL VPN 

SSL stands for secure socket layer. It is a security protocol that protects web traffic. An SSL VPN is a browser-based network security service that uses the built-in SSL protocol to encrypt and safeguard network communication. 

What is the difference between IPSec VPN and SSL VPN?

Both security protocols work on different layers of the open systems interconnection (OSI) model. The OSI model defines the layered structure of how computers exchange data on a network. 

IPSec protocols apply to the network and transport layers in the middle of the OSI model. Meanwhile, SSL encrypts data on the topmost application layer. You can connect to an SSL VPN from a web browser but must install separate software to use IPSec VPNs.