Lecture CCNA security partner - Chapter 13: IPsec Fundamentals

Chapter 13. IPsec Fundamentals © 2012 Cisco and/or its affiliates. All rights reserved. 1 Contents This chapter addresses the protocols and algorithms that IPsec uses and the different security services that IPsec provides. • Analyzes the architecture of the IPsec protocol • Details the role and operational impact of IPsec’s main components • Describes IPsec modes of operation in various scenarios • Describes the phases of IPsec connectivity • Describes the role and component of IKE • Provides an overview of the operations of IPv6 VPNs © 2012 Cisco and/or its affiliates. All rights reserved. 2 IPsec Framework • An IP Security (IPsec) virtual private network (VPN) is an essential tool for providing a secure network for business communication. • IPsec works at the network layer, protecting and authenticating IP packets between participating IPsec devices (peers). • IPsec is not bound to any specific encryption, authentication, or security algorithms or keying technology. • IPsec is a framework of open standards. © 2012 Cisco and/or its affiliates. All rights reserved. 3 IPsec Framework • Confidentiality • Integrity • Authentication • Username and password • One-time password • Biometric • Preshared keys (PSK) • Digital certificates • Antireplay protection © 2012 Cisco and/or its affiliates. All rights reserved. 4 Encryption Algorithms • The following are some of the encryption algorithms and key lengths that VPNs use: – Date Encryption Standard (DES) – 3DES – Advanced Encryption Standard (AES) – Rivest, Shamir, and Adleman (RSA) – Software-Optimized Encryption Algorithm (SEAL) algorithm © 2012 Cisco and/or its affiliates. All rights reserved. 5 ... - tailieumienphi.vn