What is IPsec in computer networks?

IP Security (IPSec) is a collection of protocols which is designed by Internet Engineering Task Force (IETF) to provide security for a packet at the network level. It helps to create confidential and authenticated and packets for the IP layer as shown in below diagram −

IPSec protocol aim is to provide security services for IP packets like encrypting sensitive data/packets, authentication, and protection against replay and data confidentiality. It can be configured to operate in two different modes −

• Tunnel Mode
• Transport mode.

The original packet is generated as follows −

Let us discuss each mode in detail.

Tunnel mode

IPSec tunnel mode is the default mode. IPSec Tunnel mode is most widely used to create site-to-site IPSec VPN.

Let see the packet format of IPSec tunnel mode with ESP header −

          |🡨-----Original Packet----------🡨|

          |🡨-------Encrypted---------------------------🡨|

         |-----------------------Authenticated----------------------🡨|

From the above format we can conclude the following −

• The encrypted part of the packet contains the following −

• The authenticated part of the packet contains the following −

Transport Mode

IPSec Transport mode is used for end-to-end communications. In this only, the Data Payload of the IP datagram is secured by IPSec.

          |🡨-------Encrypted--------------🡨|

          |-----------------------Authenticated---------🡨|

From the above format we conclude the following −

• The encrypted part of the packet contains the following −

• The authenticated part of the packet contains the following −

Bhanu Priya

Updated on: 13-Sep-2021

3K+ Views

Kickstart Your Career

Get certified by completing the course

Get Started