Email Security IPsec 1 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.


1 Email Security IPsec 1 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1

2 IP Security
– there is a range of application-specific security mechanisms, e.g. S/MIME, PGP, Kerberos, SSL/HTTPS
– however, there are security concerns that cut across protocol layers
– we would like security implemented by the network for all applications

3 IP Security
General IP Security mechanisms provide:
– authentication
– confidentiality
– key management
Applicable to use over LANs, across public & private WANs, & for the Internet

4 IP Security Uses

5 Benefits of IPSec
1. IPsec in a firewall/router provides strong security to all traffic crossing the perimeter
2. IPsec in a firewall/router is resistant to bypass
3. It is below the transport layer, hence transparent to applications
4. It can be transparent to end users
5. It can provide security for individual users

6 IPSec Services
1. Access control
2. Connectionless integrity
3. Data origin authentication
4. Confidentiality (encryption)
Two protocols are used to provide security:
1. an authentication protocol designated by the header of the protocol, Authentication Header (AH);
2. a combined encryption/authentication protocol designated by the format of the packet for that protocol, Encapsulating Security Payload (ESP).
Both AH & ESP support two modes of use: Transport and Tunnel mode.

7 Transport and Tunnel Modes
Transport Mode
– used to encrypt & optionally authenticate the IP data (payload).
– When AH is used: the IP payload and a selected portion of the header will be authenticated.
– When ESP is used: the IP payload will be encrypted.
– When ESP with authentication is used: the IP payload will be encrypted and authenticated.

8 Transport and Tunnel Modes
Tunnel Mode
– encrypts the entire IP packet
– adds a new header for the next hop.
– When AH is used: the entire inner header + inner payload + a selected portion of the outer header are authenticated.
– When ESP is used: the entire inner IP packet will be encrypted.
– When ESP with authentication is used: the entire inner IP packet will be encrypted and authenticated.

9 IPSec Modes of Operation
Transport Mode: protect the upper layer protocols
– Original IP datagram: IP Header | TCP Header | Data
– Transport Mode protected packet: IP Header | IPSec Header | TCP Header | Data
Tunnel Mode: protect the entire IP payload
– Tunnel Mode protected packet: New IP Header | IPSec Header | Original IP Header | TCP Header | Data (the original IP header and what follows it are protected)

10 Tunnel Mode
Host-to-Network, Network-to-Network
[Diagram: Host A and Host B protocol stacks (Application Layer, Transport Layer, IP Layer), each behind a Security Gateway that applies IPSec at the IP Layer; protected data crosses the Internet between the gateways.]
SG = Security Gateway

11 Transport Mode
Host-to-Host
[Diagram: Host A and Host B protocol stacks, each with Application Layer, Transport Layer, IPSec, IP Layer and Data Link Layer.]

12 Security Associations
– a one-way relationship between sender & receiver that affords security for traffic flow
– defined by 3 parameters:
  – Security Parameters Index (SPI)
  – IP Destination Address
  – Security Protocol Identifier
– SAs are held in a database of Security Associations

13 Security Policy Database
– relates IP traffic to specific SAs
– matches a subset of IP traffic to the relevant SA
– uses selectors to filter outgoing traffic to map
– selectors are based on: local & remote IP addresses, next layer protocol, name, local & remote ports
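The lookup described on slides 12 and 13, as an added example that is not part of the original slides: outbound packets are matched against SPD selectors in order, and a protecting entry points to an SA identified by the (SPI, IP destination address, security protocol) triple. The addresses, ports and SPI values are constructed, and the PROTECT/BYPASS/DISCARD action names are taken from RFC 4301 rather than from the slides.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Selector:
    local_net: str
    remote_net: str
    protocol: Optional[int] = None      # next layer protocol (6 = TCP, 17 = UDP); None = any
    remote_port: Optional[int] = None   # None = any port

    def matches(self, src, dst, proto, dport):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.local_net)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.remote_net)
                and self.protocol in (None, proto)
                and self.remote_port in (None, dport))

# Constructed SPD: ordered, first match wins. Entry = (selector, action, SA key).
# SA key = (SPI, IP destination address, security protocol identifier).
SPD = [
    (Selector("10.1.0.0/16", "10.2.0.0/16", 6, 443), "PROTECT", (0x1001, "203.0.113.2", "ESP")),
    (Selector("10.1.0.0/16", "10.2.0.0/16"), "PROTECT", (0x1002, "203.0.113.2", "AH")),
    (Selector("10.1.0.0/16", "0.0.0.0/0", 17, 53), "BYPASS", None),
    (Selector("0.0.0.0/0", "0.0.0.0/0"), "DISCARD", None),  # default: drop
]

# Constructed SA database; each SA is one-way (outbound here), tunnel mode to a gateway.
SAD = {
    (0x1001, "203.0.113.2", "ESP"): {"mode": "tunnel", "direction": "outbound"},
    (0x1002, "203.0.113.2", "AH"): {"mode": "tunnel", "direction": "outbound"},
}

def process_outbound(src, dst, proto, dport):
    """Return (action, sa_key) for an outbound packet."""
    for selector, action, sa_key in SPD:
        if selector.matches(src, dst, proto, dport):
            if action != "PROTECT":
                return action, None
            if sa_key not in SAD:
                # A real stack would ask key management to negotiate an SA;
                # this sketch fails closed instead of sending in the clear.
                return "DISCARD", None
            return action, sa_key
    return "DISCARD", None  # no policy matched
```

Entry order matters: the specific HTTPS selector must precede the broader site-to-site selector, or the broader one would capture its traffic.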

14 IP Traffic Processing

15 IP Traffic Processing

