Page 146 - StudyBook.pdf
130 Chapter 3 • Communication Security: Remote Access and Messaging
Figure 3.10 SSH Communications are Established in Four Steps (client requests session; authentication handshake; exchange of keys; secure session)
IPSec
The IPSec protocol, as defined by the IETF, is “a framework of open standards for
ensuring private, secure communications over IP networks, through the use of
cryptographic security services.” This means that IPSec is a set of standards used for
encrypting data so that it can pass securely through a public medium, such as the
Internet. Unlike other methods of secure communications, IPSec is not bound to
any particular authentication method or algorithm, which is why it is considered
an “open standard.” Also, unlike older security standards that were implemented at
the application layer of the OSI model, IPSec is implemented at the network layer.
EXAM WARNING
Remember that IPSec is implemented at the network layer, not the
application layer.
The advantage to IPSec being implemented at the network layer (versus the
application layer) is that it is not application-dependent, meaning users do not have
to configure each application to IPSec standards. IPSec also has the ability to be
implemented in two different modes of operation:
■ Transport Mode IPSec implemented in transport mode (Figure 3.8)
specifies that only the data (or payload) be encrypted during transfer. The
advantage to this is speed—since the IP headers are not encrypted, the
packets are smaller. The downside to transport mode is that a hacker can
www.syngress.com