Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Networks > IPSec Process > Flashcards

IPSec Process Flashcards

1
Q

Stage 1

A
  1. Host recognition: A host system recognizes that a packet needs protection and should be transmitted using IPsec policies.

Such packets are considered “interesting traffic” for IPsec purposes, and they trigger security policies.

For outgoing packets, this means the appropriate encryption and authentication are applied. When an incoming packet is determined to be interesting, the host system verifies that it has been properly encrypted and authenticated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Stage 2

A

Negotiation, or IKE Phase 1: Hosts use IPsec to negotiate the set of policies they will use for a secured circuit.

They also authenticate themselves to each other and set up a secure channel between them that is used to negotiate the way the IPsec circuit will encrypt or authenticate data sent across it. This negotiation process occurs using either Main mode or Aggressive mode.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

MODES

A

With main mode, the host initiating the session sends proposals indicating its preferred encryption and authentication algorithms. The negotiation continues until both hosts agree and set up an IKE SA that defines the IPsec circuit they will use. This method is more secure than aggressive mode because it creates a secure tunnel for exchanging data.

In aggressive mode, the initiating host does not allow for negotiation and specifies the IKE SA to be used. The responding host’s acceptance authenticates the session. With this method, the hosts can set up an IPsec circuit faster.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Stage 3

A

IPsec circuit, or IKE Phase 2. Step three sets up an IPsec circuit over the secure channel established in IKE Phase 1. The IPsec hosts negotiate the algorithms that will be used during the data transmission. The hosts also agree upon and exchange the encryption and decryption keys they plan to use for traffic to and from the protected network. The hosts also exchange cryptographic nonces, which are random numbers used to authenticate sessions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Stage 4

A

IPsec transmission. In the fourth step, the hosts exchange the actual data across the secure tunnel they’ve established. The IPsec SAs set up earlier are used to encrypt and decrypt the packets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Stage 5

A

IPsec termination. Finally, the IPsec tunnel is terminated. Usually, this happens after a previously specified number of bytes have passed through the IPsec tunnel or the session times out. When either of those events happens, the hosts communicate, and termination occurs. After termination, the hosts dispose of the private keys used during data transmission.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Networks (15 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions