From National Institute of Standards and Technology | Nov 30, 2010
IPsec is a framework of open standards for ensuring private communications over
public networks. It has become the most common network layer security control,
typically used to create a virtual private network (VPN). A VPN is a virtual network
built on top of existing physical networks that can provide a secure communications
mechanism for data and control information transmitted between networks. VPNs are used
most often to protect communications carried over public networks such as the Internet.
A VPN can provide several types of data protection, including confidentiality,
integrity, data origin authentication, replay protection and access control. Although
VPNs can reduce the risks of networking, they cannot totally eliminate them. For
example, a VPN implementation may have flaws in algorithms or software, or a VPN may be
set up with insecure configuration settings and values. Both of these flaws can be
exploited by attackers.
The guide provides an overview of the types of security controls that can provide
protection for Transmission Control Protocol/Internet Protocol (TCP/IP) network
communications, which are widely used throughout the world.
The attached Zip file includes:
- Intro Page.doc
- Cover Sheet and Terms.doc
- Guide to IPsec VPNs.pdf
