IP Security

                                                IPSec 

• The IPSec standard is used to provide privacy and authentication services at the IP layer. 

• The IPSec networking device will typically encrypt and compress all the traffic going into the WAN, and decrypt and decompress traffic coming from the WLAN. 

• An association is a one-way relationship between a sender and a receiver that affords security services to the traffic carried on it. 

• Each SA consists of values such as destination address, a security parameter index (SPI), the IPSEC transforms used for that session, security keys, and additional attributes such as IPSec lifetime. 

• In each IPSec implementation, there is a nominal security Association Database defines the parameter's associated with each SA. 

• In its simplest form, an SPD contains entries, each of which defines a subset of IP traffic and points to an SA for that traffic.

• Each SPD entry is defined by a set of IP and upper-layer protocol field values, called sectors. AN SPI is a 32-bit number that is used to uniquely identify a particular SA for any connected device. 

• The IP Sec architecture documents are divided into seven groups and its has its advantages and various benefits.

Keywords:

SA  - Security Association

SPI - Security Parameter Index

DRAM - Dynamic Random Access Memory

MTU - Maximum Transmission Unit

SPD - Security Policy Database

TOS    - Type of Service