IPSec : the new security standard for the Internet, intranets, and virtual private networks

IPsec offers the strongest security available to companies seeking to build VPNs and other applications that deliver confidential information across the Internet. This is the most authoritative, comprehensive guide to IPsec available -- authored by its first implementers, and active participants in the IPsec standards process. First, review the fundamentals of computer and network security, and the tradeoffs associated with implementing security at each layer of the IP stack. Next, walk through IPsec's architecture and components; the role of authentication, encryption, encapsulating security payloads (ESPs), and key management protocols. Learn how IPsec addresses security in host-to-host, host-to-gateway, and gateway-to-gateway configurations; and in VPN tunneling. Review detailed scenarios, discovering how to implement IPsec in VPNs, nested tunnels, chained tunnels, and overlapping security associations. Finally, preview the future of IPsec, with timely coverage of compression, multicast, mobility, and more.

I. OVERVIEW. 1. CRYPTOGRAPHIC HISTORY AND TECHNIQUES. Secrets in History. Rise of the Internet. Internet Security. Cryptographic Tools. Crypto Concepts. More Information. 2. TCP/IP Overview. Introduction. Introduction to TCP/IP. Addressing. Domain Name System. Security at What Level. 3. IP Security Overview. The Architecture. Encapsulating Security Payload (ESP). Authenticated Header (AH). Internet Key Exchange. II. DETAILED ANALYSIS. 4. IPSEC ARCHITECTURE. Introduction. The IPSec Roadmap. IPSec Implementation. IPSec Modes. Security Associations. IPSec Processing. Fragmentation. ICMP. 5. The Encapsulating Security Payload (ESP). The ESP Header. ESP Modes. ESP Processing. 6. The Authentication Header (AH). The AH Header. AH Modes. AH Processing. 7. The Internet Key Exchange. ISAKMP. IKE. The IPSec DOI. Summary. III. DEPLOYMENT ISSUES. 8. POLICY. Introduction. Policy Definition Requirement. Policy Representation and Distribution. Policy Management System. Deployment. Setting Up the Policy. 9. IPSec Implementation. Introduction. Implementation Architecture. IPSec Protocol Processing. Fragmentation and PMTU. ICMP Processing. 10. IP Security In Action. End-to-End Security. 11. IPSec Futures. Compression. Multicast. Key Recovery. L2TP. Public Key Infrastructure. Index.