ipsec

IPSec - Cisco Service Provider Blog « Welcome to The Exabyte Era | Main | SP CTO Update » February 27, 2008 IPSec Co-authored with Shyam Kota, Product Manager at Cisco working towards a secure Internet infrastructure With the advent of Web 2.0 applications, enterprises and their respective service providers are viewing the network as a service enabler that transports critical business applications. Doing so over the public internet is considered risky from an infosec perspective, prone to loss of data confidentiality to hackers and fraud. To ensure secure transport of data, various proprietary protocols were developed - however the scope of these were limited to the application they were designed to serve. To overcome such limitations and ensure a uniform end-to-end security framework, IPSec for IP was developed by IETF. What makes this Possible? Designed by the Internet Engineering Task Force (IETF) as the security architecture for the Internet Protocol, IPSec defines IP packet formats and related infrastructure for transporting IP traffic with end-to-end authentication, ensuring integrity and confidentiality for network traffic. IPSec protocol allows for negotiation of IPSec policies and security associations and transporting encrypted data over any network (public or private) between trusted peers/systems. The Solution For transport of data securely, two common approaches are available. For telecommuters and remote users, IPSec tunnel can start at the end user (PC) and terminated at the SP edge. The data from the user can be transported securely over the internet and decrypted at the SP edge and sent to the final destination over an IP/MPLS network. The other approach is to create a IPSec tunnel between Enterprise edge and the SP edge, whereby all traffic is encrypted by default. The first approach allows for secure remote access for all users and requires support for termination of potentially thousands of IPSec tunnels at the SP edge. The latter approach allows for secure data transport for enterprises between headquarters and branch offices via the SP core network. For service providers, the ability to offer secure VPN service in the network is very appealing value add. This approach can also enable offering new services rapidly, in areas where the SP does not have a services footprint. Cisco has a complete portfolio of solutions that provide IPSec support. The workhorse of the service provider edge platforms - Cisco XR-12K - introduces this functionality via the IPSec shared port adapter - each of which can deliver up to 2 Gbps of AES and 3DES encrypted data traffic along with scaling up to 16,000 site-to-site or remote-access IPsec tunnels simultaneously. Posted by Kelly Ahuja on February 27, 2008 03:31 PM Trackback Pings TrackBack URL for this entry: http://blogs.cisco.com/cgi-bin/mt/mt-t.cgi/1486 Comments Post a Comment Name: Email Address: URL: Remember Me? YesNo Comments: (you may use HTML tags for style) Blogs@Cisco Home March 2008 Sun Mon Tue Wed Thu Fri Sat 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Subscribe ** More info on XML/RSS feeds Search this blog Email Subscriptions **More Info on Email Subscriptions Categories General Industry News/Trends Managed Services Mobility Technology & Standards Video Archives March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 Recent Entries SP CTO Update IPSec Welcome to The Exabyte Era The End of Gs "ItвЂ™s the application stupid!" BLOG ROLL The Platform Light Reading Blogs Smith on VoIP Telco 2.0 VoIP IP Telephony Brad Reese's Blog 6200networks.com RELATED LINKS Blogger Biographies Cisco Service Provider Website Cisco Service Provider News Cisco Service Provider Events News@Cisco LEGAL Disclaimer Legal Disclaimer Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator. © 1992-2007 Cisco Systems, Inc. All rights reserved. разделы дезинфекция белье видеослот скрипт рассылка объвлений поглощение радиоволна пбоюл крановый тележка селин дион билет листогибы сенсорный экран устройство купить букмекерский линия герб рф интеллектуальный электросчетчик катушка контактор ваза 21102 гуп ритуал флюрисцентная краска кулер тихий автоподъемник зиплок нард скачать бесплатный грунт renu multiplus 355мл виниловый дирижабль доставка санкт токовый клещ рассылка корреспонденция краска ржавчина автобетононасосы ipsec