Network Kings


$999 $499 only For All Access Pass Today! USE PROMO CODE : LIMITED

d :
h :

What do you mean by IPsec? – Explained

what is ipsec?

IPsec is a set of protocols and technologies designed to secure internet communication. It is also known as Internet protocol security. IPsec is useful in providing security and authentication to the data sent over the internet.

IP packets when sent, do not have any added security to them, and an attacker can easily access the data contained in the IP Packet.

How to secure data using IPsec?

With the help of IPsec, we can secure the data in the following ways: – 

  • Encryption

IPsec encrypts the data, so it becomes unreadable to anyone without the proper decryption key. Hence, it is only readable by the sender and receiver. This makes it difficult for cybercriminals to intercept the data. 

  • Authentication

IPsec also employs authentication mechanisms to confirm the identities of the communicating parties. It ensures that the data is transmitted between the authenticated sender and receiver, which helps to avoid man-in-the-middle attacks. 

  • Security Associations

IPsec establishes security associations (SAs) between two communicating devices. These SAs define the rules and parameters for secure communication, such as the encryption and authentication methods to be used. 

  • Tunnelling

IPsec can create a secure tunnel, known as a VPN (Virtual Private Network), between two devices or networks. This tunnel encapsulates the data, adding an extra layer of security. 

What is IKE?

IKE, also known as Internet Key Exchange, is a protocol used in IPsec which helps establish a secure communication tunnel between devices. It is responsible for exchanging the necessary cryptographic keys and security parameters required for tunnel creation and establishing secure communications.

It helps in negotiating between both parties to agree on how to secure the communication and enables the creation of security associations (SAs) for encrypted and authenticated communications.

How many IKE phases are there?

IKE has two phases, namely:-  

  • IKE Phase 1 

The primary goal of Phase 1 is to establish a secure and authenticated channel for further negotiation. This phase focuses on setting up a secure initial connection between the sender and receiver. Phase 1 is used to create a secure tunnel which we can use in Phase 2. 

  • IKE Phase 2

Phase 2 builds upon the secure channel established in Phase 1 and focuses on negotiating the parameters and keys for securing the actual data traffic. 

What functions does IKE Phase 1 perform?

The following functions are performed in IKE Phase 1: –  

  • Authentication

The parties authenticate each other’s identities using methods like pre-shared keys (PSK), digital certificates, or other authentication mechanisms. 

  • Encryption

Phase 1 can involve the use of encryption to protect the negotiation process itself. 

  • Diffie-Hellman Key Exchange

A secure method for the sender and receiver to agree on shared secret keys is established through the Diffie-Hellman key exchange. 

  • Lifetime and Refreshing

Phase 1 also defines parameters like the lifetime of the negotiation and methods for refreshing keys. 

When Phase 1 is completed, both parties have established a secure communication channel and have derived a shared secret key, known as the IKE Phase 1 key. This key is used in Phase 2 to secure the actual data traffic. 

What functions does IKE Phase 2 perform?

The following functions are performed in IKE Phase 2: –  

  • Selection of Security Policies

The sender and receiver negotiate the specific security policies, including encryption and authentication algorithms, to be used for data traffic. Either AH or ESP IPsec protocol can be used. 

  • Creation of Security Associations (SAs)

One or more SAs are created for each unique combination of source and destination, defining how data should be protected. 

  • Encapsulation Mode

In phase 2, the encapsulation mode is negotiated. The mode can either be tunnel mode or transport mode.  

When Phase 2 is completed, the devices or networks involved have established one or more SAs that define how data will be encrypted, authenticated, and transmitted between them. These SAs govern the secure communication for data packets. 

phase 1 tunnel

Internet Key Exchange is useful to make a secure tunnel but does not encrypt or authenticate the data.  

For this purpose, we use the following two protocols: – 

  • Authentication Header (AH)

AH is a protocol within IPsec that provides data integrity, authentication, and anti-replay protection for IP packets. It does not provide encryption but ensures that the data has not been tampered with during transmission. 

  • Encapsulating Security Payload (ESP)

ESP is another IPsec protocol that provides encryption, data integrity, and optional authentication. It encrypts the entire IP packet, including the payload (data), making it secure. ESP is often used in combination with AH or alone to provide encryption and authentication. 

Both these protocols use two modes: –  

  • Tunnel Mode 
  • Transport Mode 

What is the difference between tunnel mode and transport mode?

The difference between tunnel mode and transport mode is as follows-

  • Transport Mode

In transport mode, only the payload (data) of the original IP packet is encrypted and/or authenticated. The original IP header remains intact. This mode is commonly used for securing point-to-point communication between devices. 

  • Tunnel Mode

In tunnel mode, the complete IP packet, including the IP header and the payload (data), is encapsulated within a new IP packet. This means that the original packet is entirely protected and secured as it travels over the network. Tunnel mode is often used to create Virtual Private Networks (VPNs) between network gateways or between a remote client and a gateway.

difference between tunnel mode and transport mode

8 thoughts on “What do you mean by IPsec? – Explained”

  1. The created tips a person contributed have extended my own knowledge as well as motivated me personally to explore this particular topic. I enjoy how you was able to get this to fascinating. My eye balls tend to be opened to be able to clean ideas.

  2. After study a number of the websites on your own internet site now, i truly like your means of blogging. I bookmarked it to my bookmark website list and will also be checking back soon. Pls consider my web-site likewise and tell me what you consider.

  3. Firstly what’s a web site? clearly a website is known as a type of internet based journal of which anybody can check out employing the planet wide internet. Weblogs are up to date frequently and therefore the individuals that create and update blogs are referred to as bloggers. Blogging can be described as term used by a blogger when creating content articles for a blogging site and weblogs are usually about any subject or theme.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.