IP Security enables secure communications over the Internet and within company networks by securing data traffic at the IP layer. This allows individual users or organizations to secure traffic for all applications, without having to make any modifications to the applications. Therefore the transmission of any data, such as e-mail or application-specific company data, can be made secure.
To secure data transmissions, a user creates a virtual tunnel that encapsulates all IP traffic between two hosts, called a Virtual Private Network (VPN). The user's criteria and the tunnel type determine what methods are used for data integrity, privacy, and authentication.
This chapter discusses the following topics: