IP SECURITY

INTRODUCTION

In today's massively interconnected business world of the Internet, intranets, branch offices, and remote access, sensitive information constantly crosses the networks. The challenge for network administrators and other IS professionals is to ensure that this traffic is:

• Safe from data modification while enroute.
• Safe from interception, viewing, or copying.
• Safe from being accessed by unauthenticated parties.

These issues are known as data integrity, confidentiality, and authentication. In addition, replay protection prevents acceptance of a resent packet.
Designed by the Internet Engineering Task Force (IETF) for the Internet Protocol, IPSec supports network-level authentication, data integrity, and encryption. IPSec integrates with the inherent security of the IP datagram to provide the ideal platform for safeguarding intranet and Internet communications.

Because IP Security is deployed below the transport level, network managers (and software vendors) are spared the trouble and expense of trying to deploy and coordinate security one application at a time. The IPSec framework does not specify exactly which encryption algorithms must be used by its implementations. Instead, it provides an empty infrastructure where the desired algorithms may be set. This actually is a smart design decision, because it allows the implementations to be modular, customizable for specific problems and easily up gradable with new algorithms. A standard set of default algorithms is specified by the IETF in order to foster the early adoption of IPSec

IP security refers to security mechanism implemented at the IP (Internet Protocol) Layer to ensure integrity, authentication and confidentiality of data during transmission in the open Internet environment. The primary objective of recent work in this area is to improve robustness of the security mechanism at IP layer for users who request security.