Wednesday, September 18, 2019

Internet Protocol Security (IPSec) for Backbones Essay -- Technology,

Abstract : Internet Protocol version 6(Pv6) is the advanced version of the IPv4 protocol and both of these protocols are part of TCP/IP suite.TCP/IP is the only protocol for transmission of data over the internet As the internet is not secure place for transmission of secure and confidential information (packets) So to protect this information over the non secure channels(internet ) the IPSec was introduced .IPSec is the worldly know standard for the secure transmission over the internet . IPSec is mandatory for IPv6 and optional for IPv4 deployments .But as the IPsec provides authentication, confidentiality and integrity of the internet protocol (IP) packets but it slows down the transmission devices and where there is huge transmission of data like in Gbps at the backbone networks, the performance of the transmission devices is highly effected . So to improve the transmission rate on high performance networks number of techniques have been used till now and these techniques are the valuable addition in the current technologies .Purpose of this paper is to high light , what types of techniques are available in the current time for improving the performance of the transmission devices both at the H/W and S/W level while applying the IPSec and what drawbacks in the already existing techniques . Keywords: Internet Protocol Security (IPsec), IPv6 , Internet Security, Virtual Private Network(VPN) security ,IPsec for high performance networks. Introduction :As in the current era the internet is widely used for sending and receiving information in a very fast way. As internet is not only used by the single user but huge companies (enterprises) use them for their business use . An enterprises may have their offices at different l... ...yer of TCP/IP working like SSL and these all security protocols need security parameter for establishing a secure connection over the network and each security protocol is doing this by negotiation their own security parameter with the other party. That’s why each security protocol is negotiating its security parameter independently which is the wastage of network resources.[3] The author proposes his solution that each security protocol will maintain its set of negotiating parameters which is called DoI (Domain of interpretation ).ISAKMP will store these agreed security parameters into a file which is called SA file and group of SA are stored in a database and other security protocol will use these security parameter instead of negotiating their own and thus avoiding the duplicity. [3]. Figure 6 :Relation of Security Protocol through ISAKMP negotiation[3]

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.