Skip to main content
IBM 
ShopSupportDownloads
IBM HomeProductsConsultingIndustriesNewsAbout IBM
IBM : developerWorks : Security : Education - online courses
Virtual private networks, Part 2		Download tutorial zip fileView letter-sized PDF fileView A4-sized PDF fileE-mail this tutorial to a friend
Main menuSection menuGive feedback on this tutorialNext
3. Encapsulating Security Protocol
  


ESP overview page 1 of 11


Encapsulating Security Protocol (ESP) provides integrity check, authentication, and encryption for IP datagrams. It operates on a per-packet basis. The desired services to be used are selectable upon establishment of the security association (SA). However, some restrictions apply:

  • Integrity check and authentication go together.
  • Replay protection is selectable only with integrity check and authentication.
  • Replay protection can be selected only by the receiver.

Encryption is selectable independent of any other services. If encryption is enabled, then integrity check and authentication should be turned on as well. If only encryption is used, intruders could forge packets in order to mount a cryptanalytic attack.


Main menuSection menuGive feedback on this tutorialNext
PrivacyLegalContact