Chapter 32 - Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls

Chapter 32 briefly discusses the applications of topics discussed in chapters 30 and 31 to the Internet model. We show how network security and cryptography can be used in three upper layers of the Internet model.

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Figure: Common structure of three security protocols

32-1 IPSecurity (IPSec)

IPSecurity (IPSec) is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security for a packet at the network level.

Topics discussed in this section:
Two Modes
Two Security Protocols
Security Association
Internet Key Exchange (IKE)
Virtual Private Network

Figure: TCP/IP protocol suite and IPSec

Figure: Transport mode and tunnel modes of IPSec protocol

Note: IPSec in the transport mode does not protect the IP header; it only protects the information coming from the transport layer.

Figure: Transport mode in action

Figure: Tunnel mode in action

Note: IPSec in tunnel mode protects the original IP header.

Figure: Authentication Header (AH) Protocol in transport mode

Note: The AH Protocol provides source authentication and data integrity, but not privacy.

Figure: Encapsulating Security Payload (ESP) Protocol in transport mode

Note: ESP provides source authentication, data integrity, and privacy.

Table: IPSec services

Figure: Simple inbound and outbound security associations

Note: IKE creates SAs for IPSec.

Figure: IKE components

Table: Addresses for private networks

Figure: Private network

Figure: Hybrid network

Figure: Virtual private network

Figure: Addressing in a VPN

32-2 SSL/TLS

Two protocols are dominant today for providing security at the transport layer: the Secure Sockets Layer (SSL) Protocol and the Transport Layer Security (TLS) Protocol. The latter is actually an IETF version of the former.

SSL Services
Security Parameters
Sessions and .