Rather than a single technology, IPsec consists of a set of protocols (rules) and processes designed to ensure secure network communications. Here are the most important elements of the IPsec suite:
Authentication Header (AH)
Data is transmitted across a network in segments (packets). Each packet has a ‘header’: i.e. information that describes what the receiving device can expect from the data stream. The Authentication Header (AH) essentially acts like a tamper-proof seal. It enables the receiving device to verify the data packet’s origin and to check that it has not been accessed or altered in transmission.
Encapsulating Security Protocol (ESP)
As well as adding a further authentication layer, this protocol is responsible for encryption, ensuring that only authorised devices can read transmitted data
Internet Security Association and Key Management Protocol
With ESP, devices communicating with each other use a shared key for encrypting and decrypting the data they exchange. To facilitate this, ISAKMP defines the attributes of the connection, including establishing the encryption key and cryptographic algorithm to be used.