1st Edition

A Technical Guide to IPSec Virtual Private Networks

By James S. Tiller Copyright 2001
    372 Pages
    by Auerbach Publications

    What is IPSec? What's a VPN? Why do they need each other? Virtual Private Network (VPN) has become one of the most recognized terms in our industry, yet there continue to be differing impressions of what VPNs really are and can become.
    A Technical Guide to IPSec Virtual Private Networks provides a single point of information that represents hundreds of resources and years of experience with IPSec VPN solutions. It cuts through the complexity surrounding IPSec and the idiosyncrasies of design, implementation, operations, and security.
    Starting with a primer on the IP protocol suite, the book travels layer by layer through the protocols and the technologies that make VPNs possible. It includes security theory, cryptography, RAS, authentication, IKE, IPSec, encapsulation, keys, and policies.
    After explaining the technologies and their interrelationships, the book provides sections on implementation and product evaluation. A Technical Guide to IPSec Virtual Private Networks arms information security, network, and system engineers and administrators with the knowledge and the methodologies to design and deploy VPNs in the real world for real companies.

    Introduction
    Know the Terrain
    The Internet
    TCP/IP Quickie
    Information Age
    Security Concepts
    Cryptography
    The Other Guys
    Why are "VPNs" So HOT?
    IP Security Primer
    History
    Structure
    Applications
    Quality of Service
    Policy
    Encryption
    Symmetrical Encryption
    Asymmetrical Encryption
    Message Authentication Code
    Perfect Forward Secrecy
    Diffie-Hellman
    IPSEC Architecture
    Domain of Interpretation
    Security Associations
    Transport Mode
    Tunnel Mode
    Authentication
    Shared Secret
    Certificates
    Public Key Cryptography
    Non-IPSec Authentication
    Security Protocols
    Encapsulating Security Payload
    Authentication Header
    Key Management
    The Role of Key Management
    Creating IKE for IPSec
    Phase One
    Phase Two
    Implementation Considerations
    Network to Network
    Client to Network
    Client Interaction
    Rollout Concepts
    Product Evaluation
    Business Drivers
    Grading Methodology
    Lab Testing
    Pilot Processes
    Trend Analysis

    Biography

    James S. Tiller (Raleigh, North Carolina, USA)