Skip to main content
Wireless Logic
IPSEC_3200-scaled

What is IPsec?

Internet Protocol Security (IPsec) is a set of rules designed to ensure secure communication between devices across any public network.

What is IPsec?

IPsec (Internet Protocol Security) refers to a set of protocols designed to ensure secure communication between devices across the internet or any public network.

IPsec enables businesses to authenticate data sources and to protect sensitive information (e.g. payment details and confidential communications) when this information is transmitted across a network. It’s also a frequent method of choice for authenticating traffic and securing data within a virtual private network (VPN).

What is IPsec?

Rather than a single technology, IPsec consists of a set of protocols (rules) and processes designed to ensure secure network communications. Here are the most important elements of the IPsec suite:

Authentication Header (AH)

Data is transmitted across a network in segments (packets). Each packet has a ‘header’: i.e. information that describes what the receiving device can expect from the data stream. The Authentication Header (AH) essentially acts like a tamper-proof seal. It enables the receiving device to verify the data packet’s origin and to check that it has not been accessed or altered in transmission.

WL-Secure-l2tp

How does IPsec work?

IPSEC_Pic1v3

IPsec operates in one of two modes: tunnel or transport.

Tunnel mode

In tunnel mode, the entire IP data packet – including both the data payload and the header – is encrypted during transmission. IPsec encrypts the packet, adds a new IP header and sends it to the other endpoint. This mode enables secure data transmission, even where you have multiple devices communicating with each other via different networks.

IPsec operating steps

Here’s how an IPsec connection works in practice…

Host Recognition

The system recognises that a data packet requires protection. The packet is treated as “interesting traffic”, automatically triggering the appropriate IPsec security policies.

IKE Phase One

The communicating devices (peers) are authenticated. An Internet Key Exchange (IKE) policy is also negotiated between these peers. This ensures that the parties are using the same encryption key. A secure tunnel is established for the exchange of data.

IKE Phase Two

The parameters for data exchange are negotiated between peers using the ISAKMP.

Data Transfer

Data is encrypted and then transmitted through the IPsec tunnel. At the other end, the packets are decrypted.

How is IPsec used in VPN?

A virtual private network (VPN) links two or more devices, enabling them to access a shared system. It’s essentially a secure tunnel that can operate over a public network.

For businesses, a VPN can create a private connection between scattered employee devices and the company’s systems, making it ideal for a remote working set-up. This type of solution is also useful for IoT initiatives, allowing deployed smart devices to communicate with the infrastructure that manages or collects data from them.

In IoT systems, IPSec VPN is often used to secure connections between Enterprise networks and MNO/MVNO networks or to secure communications directly with devices.

With a VPN, transmitted data is encrypted before it reaches the sender’s internet service provider (ISP). One of the most common uses of IPsec is in encrypting and authenticating all traffic travelling through the tunnel.

IPSEC_Pic2

IoT. It's not complicated with Wireless Logic.

Design and deploy a future-proof IoT solution that scales with your business.

Contact us