IPsec provides security services for the IP layer, which allows the system to select a security protocol on request, and determine the algorithm used by the service and place the key to the corresponding position. IPsec is used to protect one or more hosts and hosts, security gateways and security networks, and the path of security gateways and hosts.
The security services available by IPSec include access control, unconnected integrity, data source authentication, anti-replay protection, confidentiality, and limited transport stream confidentiality. Because these services are available in the IP layer, any high-level protocol can use them. For example, TCP, UDP, ICMP, BGP, etc.
These goals are completed by two major transport protocols: head authentication AH, package security load ESP, and use through key management processes and protocols. The use of IPsec protocol sets in any environment is determined by users, applications, and / or sites, organizations to security and system requirements.
For details, please visit the following page:
Chinese Version:
http://www.networkDictionary.com/chinese/protocols/ipsec.php
English: http://www.networkDictionary.com/protocols/ipsec.php
