IPsec offers the strongest security available to companies seeking to build VPNs and other applications that deliver confidential information across the Internet. This is the most authoritative, comprehensive guide to IPsec available -- authored by its first implementers, and active participants in the IPsec standards process. First, review the fundamentals of computer and network security, and the tradeoffs associated with implementing security at each layer of the IP stack. Next, walk through IPsec's architecture and components; the role of authentication, encryption, encapsulating security payloads (ESPs), and key management protocols. Learn how IPsec addresses security in host-to-host, host-to-gateway, and gateway-to-gateway configurations; and in VPN tunneling. Review detailed scenarios, discovering how to implement IPsec in VPNs, nested tunnels, chained tunnels, and overlapping security associations. Finally, preview the future of IPsec, with timely coverage of compression, multicast, mobility, and more.
"synopsis" may belong to another edition of this title.
IPSec, the suite of protocols for securing any sort of traffic that moves over an Internet Protocol (IP) network, promises big things for online business. IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks catalogues the specifications that compose this suite and explains how they fit into intranets, virtual private networks (VPNs), and the Internet.
Authors Doraswamy and Harkins first treat IPSec as a system, explaining how its component parts work together to provide flexible security. Their approach to this task makes sense: they first explain why standard IP packets aren't secure; then they show how the IPSec improvements make secure transactions possible. Readers get full descriptions of how various network entities talk to one another. Where appropriate, concepts that aren't specific to IPSec are explained, including IPv4 and IPv6 packet structures and addressing schemes. There's some information on cryptography too.
IPSec's parts are explained individually: the Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange (IKE), and ISAKMP/Oakley protocols are detailed with lots of prose, supplemented with a smattering of packet diagrams and conceptual sketches. Sections on implementing IPSec protocols on networks remain fairly abstract and don't mention actual products, but should prove useful to programmers designing their own network security products around the IPSec specifications. --David WallFrom the Publisher:
summary and table of contents
A guide to the new IP Security standard and protocol instrumental in making Virtual Private Networks a reality. This is going to be a major topic in 1999. Authors from Cisco and Nortel contributed to the development of the protocol. This will include an IP Security overview with an intro tutorial on tcp/ip stack: indepth coverage of encapsulating security payload, authentication header, detailed discussion of secret key management protocols. IPsec kernel and IPsec in action chapter with case examples.
I. : OVERVIEW.
1. CRYPTOGRAPHIC HISTORY AND TECHNIQUES.
Secrets in History. Rise of the Internet. Internet Security. Cryptographic Tools. Crypto Concepts. More Information.
2. TCP/IP Overview.
Introduction. Introduction to TCP/IP. Addressing. Domain Name System. Security at What Level.
3. IP Security Overview.
The Architecture. Encapsulating Security Payload (ESP). Authenticated Header (AH). Internet Key Exchange.
II. : DETAILED ANALYSIS.
4. IPSEC ARCHITECTURE.
Introduction. The IPSec Roadmap. IPSec Implementation. IPSec Modes. Security Associations. IPSec Processing. Fragmentation. ICMP.
5. The Encapsulating Security Payload (ESP).
The ESP Header. ESP Modes. ESP Processing.
6. The Authentication Header (AH).
The AH Header. AH Modes. AH Processing.
7. The Internet Key Exchange.
ISAKMP. IKE. The IPSec DOI. Summary.
III. : DEPLOYMENT ISSUES.
Introduction. Policy Definition Requirement. Policy Representation and Distribution. Policy Management System. Deployment. Setting Up the Policy.
9. IPSec Implementation.
Introduction. Implementation Architecture. IPSec Protocol Processing. Fragmentation and PMTU. ICMP Processing.
10. IP Security In Action.
11. IPSec Futures.
Compression. Multicast. Key Recovery. L2TP. Public Key Infrastructure.
"About this title" may belong to another edition of this title.
Book Description Prentice Hall, 1999. Hardcover. Book Condition: New. book. Bookseller Inventory # 0130118982
Book Description Prentice Hall, 1999. Hardcover. Book Condition: New. Bookseller Inventory # P110130118982
Book Description Prentice Hall. Hardcover. Book Condition: New. 0130118982 New Condition. Bookseller Inventory # NEW6.0042374