Security - News

IPsec is a framework of open standards for ensuring private communications over public networks. Its most common use is the creation of virtual private networks (VPNs). IPsec provides several types of data protection, including maintaining confidentiality and integrity, authenticating the origin of data, preventing packet replay and traffic analysis, and providing access protection. This document describes the three primary models for VPN architectures: gateway-to-gateway, host-to-gateway, and host-to-host. These models can be used, respectively, to connect two secured networks, such as a branch office and headquarters, over the Internet; to protect communications for hosts on unsecured networks, such as traveling employees; or to secure direct communications between two computers that require extra protection. The guide describes the components of IPsec. It also presents a phased approach to IPsec planning and implementation that can help in achieving successful IPsec deployments. The five phases of the approach are as follows: identify needs, design the solution, implement and test a prototype, deploy the solution, and manage the solution. Special considerations affecting configuration and deployment are analyzed, and three test cases are presented to illustrate the process of planning and implementing IPsec VPNs.

Autor: JP

Heuristické vyhledání souvisejících článků v archívu NEWS

• Nové drafty NIST : SP 800- 73 (PIV - druhá verze) a SP 800-77, Guide to IPsec VPNs
• IPsec tutoriál - ?ást t?etí
• rfc.4869 - Suite B Cryptographic Suites for IPsec
• RFC 4025 - A Method for Storing IPsec Keying Material in DNS
• Vyšlo RFC 4196 - The SEED Cipher Algorithm and Its Use with IPsec