Netgear ADSL Firewall Router DG834 User Manual Page 191

  • Download
  • Add to my manuals
  • Print
  • Page
    / 236
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 190
Reference Manual for the ADSL Firewall Router DG834
Virtual Private Networking D-3
202-10005-05, June 2005
Encapsulating Security Payload (ESP): Provides confidentiality, authentication, and
integrity.
Authentication Header (AH): Provides authentication and integrity.
Internet Key Exchange (IKE): Provides key management and Security Association (SA)
management.
Encapsulating Security Payload (ESP)
ESP provides authentication, integrity, and confidentiality, which protect against data tampering
and, most importantly, provide message content protection.
IPSec provides an open framework for implementing industry standard algorithms, such as SHA
and MD5. The algorithms IPSec uses produce a unique and unforgeable identifier for each packet,
which is a data equivalent of a fingerprint. This fingerprint allows the device to determine if a
packet has been tampered with. Furthermore, packets that are not authenticated are discarded and
not delivered to the intended receiver.
ESP also provides all encryption services in IPSec. Encryption translates a readable message into
an unreadable format to hide the message content. The opposite process, called decryption,
translates the message content from an unreadable format to a readable message. Encryption/
decryption allows only the sender and the authorized receiver to read the data. In addition, ESP has
an option to perform authentication, called ESP authentication. Using ESP authentication, ESP
provides authentication and integrity for the payload and not for the IP header.
Figure D-1: Original packet and packet with IPSec Encapsulated Security Payload
Page view 190
1 2 ... 186 187 188 189 190 191 192 193 194 195 196 ... 235 236

Comments to this Manuals

No comments