Home Page

Firewalls

Email & Spam

Security Terminology

Security Topics

VPN & Cryptography

Wireless

 

 

 

VPN Terminology

VPN Tutorial Guide

3DES

AES

Aggressive Mode

Authentication Header

Asymmetric Encryption

Authentication

Certification Authority

Data Integrity

DES

Diffie-Hellman

Digital Certificate

Dynamic IP addresses

Encryption

ESP

IKE Oakley & ISAKMP

IPSec

IPSec Quick Mode

L2TP

Main Mode

MD5

NAT-T

PFS

PKI

Policy-vs-Route-VPN

PPTP

Pre-Shared Key

Remote Access User

RSA

Security Association

Sha-1

Site to Site VPN

SSL VPN

Transform Sets

Tunnel mode and Transport mode

VPN client tunneling option

VPN Topologies

VPN Tunnel

 

Security Products Guide

Which Anti-Virus Software?

Which Firewall?

Which Spam Filter?

Which Internet Security Suite?

 

What is Guide

What is a Firewall?

What is a Virus?

What is Spam?

 

Essential Security Guides

Securing Windows XP Guide

Securing Windows Vista Guide

A Guide to Wireless Security

 

Other

Top 8 Internet Security tips

Why both, Firewall and Anti Virus?

Free or purchased security - Which one?

 

 

ESP - IPSec Mode

 

 

ESP (Encapsulating Security Payload)

ESP provides all four security aspects of IPSec. These are confidentiality, integrity, origin authentication, and anti-replay protection. Confidentiality would ensure data is encrypted. Providing integrity would ensure data in transit has not been tampered with and origin authentication would ensure the remote peers are who they claim to be. Anti-replay will ensure duplicated traffic is not accepted which would prevent DOS attacks, as well as spoofed traffic.

ESP can operate in either tunnel mode which is more secure due to encrypting the routing, header information and IP payload, or can operate in transport mode in which it only encrypts the IP payload. Tunnel mode is usually used between gateways through the internet, and transport mode is usually used for host to host VPN’s such as between a server and a computer.

In a nutshell ESP is a security protocol used with IPSec which provides source authentication, confidentiality and message integrity.

Further Reading

Wikipedia's guide to IPSec