IPsec

Internet Protocol Security

An authentication and encryption protocol suite that works at the Internet/Network layer.

  • Transport mode: Only the actual payload of the IP packet is encrypted; the destination and source IP addresses and other IP header information are still readable.
  • Tunnel mode: The entire IP packet is encrypted and then handed to an IPsec endpoint, where it is encapsulated inside another IP packet.
  • Won’t be widely utilized until IPv6 is in more widespread use.
  • Currently only really used for creating secure tunnels between devices.
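
What an on-path observer can read in each mode, as an added example that is not part of the original page. It assumes ESP (IP protocol 50) as the IPsec protocol, uses a SHA-256 keystream as a labelled stand-in for the real cipher, and omits padding and the integrity check value; the addresses, SPI and key are constructed sample values.

```python
import hashlib
import socket
import struct

ESP = 50                       # IP protocol number for ESP
KEY = b"constructed-demo-key"  # constructed sample key

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (checksum left at 0) followed by payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def toy_encrypt(key, data):
    """Stand-in cipher (SHA-256 keystream XOR), NOT a real ESP transform."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack("!I", ctr)).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def esp(spi, seq, key, plaintext, next_header):
    # SPI and sequence number travel in the clear; the payload and the
    # trailer (pad length 0, next header) are encrypted.
    return struct.pack("!II", spi, seq) + toy_encrypt(key, plaintext + bytes([0, next_header]))

def transport_mode(packet, spi, seq, key):
    # Original addresses are kept; only what followed the IP header is encrypted.
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    return ipv4(src, dst, ESP, esp(spi, seq, key, packet[20:], packet[9]))

def tunnel_mode(packet, gw_src, gw_dst, spi, seq, key):
    # The whole original packet is encrypted and wrapped in a new IP packet
    # addressed between the two IPsec endpoints (next header 4 = IPv4).
    return ipv4(gw_src, gw_dst, ESP, esp(spi, seq, key, packet, 4))

def visible(packet):
    """Outer source, destination and protocol: what an observer can read."""
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]), packet[9]

# Constructed sample: an inner TCP-protocol packet between two private hosts.
INNER = ipv4("10.0.1.5", "10.0.2.9", 6, b"GET /secret")

if __name__ == "__main__":
    print("original ", visible(INNER))
    print("transport", visible(transport_mode(INNER, 0x1001, 1, KEY)))
    print("tunnel   ", visible(tunnel_mode(INNER, "198.51.100.1", "203.0.113.1",
                                           0x1001, 1, KEY)))
```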

Security architecture

IPsec uses the following protocols to perform various functions:

Source: https://en.wikipedia.org/wiki/IPsec#Encapsulating_Security_Payload