IPSec and Network Security

Good Essays
IPSec is a framework which utilizes a set of IETF protocols to offer end-to-end IP security using strong encryption, public and private key pair cryptography. IPSec secures communication links that could experience network security issues like corruption, eavesdropping, misused data etc (Pezeshki et al 2007) when not secured. However, using IPSec tends to also have an adverse effect on router utilization and overall network performance.

One of the major issues with IPSec is performance degradation and throughput (Berger, 2006) which goes back to the complex authentication and encapsulation techniques. Data protection tends to increase required bandwidth; security transformation reduces performance and delays data processing and transmission. Considering a scenario where a packet is to be transmitted from Computer 1 to Computer 2, each with Customer Premises Equipment (CPE). In an environment without IPSec VPN, the packet would go straight to CPE 2 from computer 1.This is not the case when IPSec VPN is deployed in that same environment. The packet would move from computer 1 to CPE 1 which performs various tasks on the packet before forwarding it to CPE 2. The packet is first encrypted and this takes time to perform causing delay of the packet transmission. Filtering and encryption consumes computing power. When there are more packets to be transmitted, the load placed on the CPU and network increases. After encryption, the packet is encapsulated, hence causing more delay. The packet is then sent across to the service provider where another delay might occur due to fragmentation. This is when the new packet formed is bigger than the Maximum Transmission Unit (MTU) size of the links between the two CPEs. The new packet would then b...

... middle of paper ...

...t_design.html [Accessed 08 August 2009].

13) JAHA, A., BEN, S.F. and ASHINBAI, M., 2008. Proper Virtual Network (VPN) Solution. Proceedings of the Second International Conference on Next Generation Mobile Applications, Services, and Technology. 16-19 Sept. 2008. Libya: The Higher Institute of Industry, Misurata. pp. 309 - 304.

14) JIANWU Wu., 2009. Implementation of Virtual Private Network Based on IPSec Protocol. Proceedings of International Conference on Future Computer and Communication. 6-7 June 2009. China: School of Politics & Law & Public Admin., Hubei University. pp 138-141

15) JING-BO, X., MING-HUI. L. and LU-JUN, W., 2008. Research on MPLS VPN Networking Application Based on OPNET. Proceeding of International Symposium on Information Science and Engineering. 20-22 Dec. 2008. Telecommun. Eng. Inst., Air Force Eng. Univ., Xian. pp 404-408 vol.(1)
Get Access