IP security

📘 IP Security (IPSec) — Exam Notes (Network Security)

---

🔐 1. Definition

IP Security (IPSec) is a suite of protocols used to secure Internet Protocol (IP) communications by providing encryption, authentication, and integrity at the network layer.

👉 Simple idea: IPSec makes IP communication secure, private, and trusted over insecure networks like the Internet.

---

🎯 2. Objectives of IPSec

• Ensure confidentiality (data encryption)
• Ensure data integrity (no modification)
• Provide authentication (verify sender identity)
• Prevent replay attacks
• Secure communication over public networks

---

🧱 3. Key Features of IPSec

• Works at Network Layer (Layer 3 OSI model)
• Protects all IP-based applications
• Transparent to users and applications
• Used in VPNs (Virtual Private Networks)

---

🔐 4. IPSec Protocols

🔸 1. AH (Authentication Header)

• Provides:

  • Data integrity
  • Authentication
  • Anti-replay protection

❌ Does NOT provide encryption

---

🔸 2. ESP (Encapsulating Security Payload)

• Provides:

  • Encryption (confidentiality)
  • Authentication
  • Integrity

✔ Most commonly used protocol

---

🔑 5. IPSec Modes

🔹 1. Transport Mode

• Encrypts only the payload (data)
• Original IP header remains unchanged

✔ Used for end-to-end communication

---

🔹 2. Tunnel Mode

• Encrypts the entire IP packet
• Adds a new IP header

✔ Used in VPNs (site-to-site security)

---

🔐 6. Key Management in IPSec

🔸 IKE (Internet Key Exchange)

• Used to create and manage security keys automatically

✔ Ensures secure key exchange between devices

---

🧠 7. Security Services Provided by IPSec

• Confidentiality (encryption using ESP)
• Integrity (hashing algorithms)
• Authentication (digital signatures)
• Anti-replay protection (sequence numbers)

---

⚠️ 8. IPSec Architecture Components

🔹 Security Association (SA)

• Defines security parameters for communication

• Includes:

  • Encryption method
  • Keys
  • Protocol type

---

🔹 Security Policy Database (SPD)

• Defines what traffic should be protected

---

🔹 Security Association Database (SAD)

• Stores active security connections

---

📊 9. IPSec Operation Flow

1. Device sends IP packet
2. IPSec checks security policy
3. Security Association is established
4. Packet is encrypted/authenticated
5. Secure packet is transmitted

---

🔐 10. IPSec vs Normal IP

Feature	IP	IPSec
Security	None	High
Encryption	No	Yes (ESP)
Authentication	No	Yes
Integrity	No	Yes

---

🖼️ 11. Diagram Descriptions

📌 Transport Mode

• Sender → Encrypted Payload → Receiver

---

📌 Tunnel Mode (VPN)

• Original Packet → Encrypted → New IP Header → Internet

---

📌 IPSec Architecture

• SPD → SA → SAD → Secure Communication

---

🧾 12. Real-Life Examples

• 🔐 VPN connections between offices
• 🏦 Secure banking transactions
• 🏢 Company remote employee access
• 🌐 Secure site-to-site communication

---

📝 Likely Exam Questions

1. Define IPSec and its importance.
2. Explain security services provided by IPSec.
3. What is AH and ESP? Differentiate them.
4. Describe Transport and Tunnel modes.
5. What is Security Association (SA)?
6. Explain IKE in IPSec.
7. Differentiate between IP and IPSec.
8. How does IPSec ensure security?
9. What are components of IPSec architecture?
10. Write short notes on:

• VPN and IPSec
• ESP protocol
• Anti-replay protection

---

📌 Quick Summary / Conclusion

• IPSec secures IP communication at the network layer.
• It provides encryption, authentication, and integrity.
• Uses protocols like AH and ESP.
• Works in Transport and Tunnel modes (VPNs).
• Widely used for secure internet and enterprise communication.

👉 In short: IPSec is a powerful framework that ensures secure communication over untrusted networks like the Internet.

---