< Day Day Up > |
The Internet Security Protocol, IPsec, incorporates security for network transmission into the Internet Protocol (IP) directly. IPsec is integrated into the new IPv6 protocol (Internet Protocol version 6). It can also be used with the older IPv4 protocol (see Chapter 38). IPsec provides methods for both encrypting data and authenticating the host or network it is sent to. The process can be handled manually or automated using the IPsec racoon key exchange tool. With IPsec, the kernel can automatically detect and decrypt incoming transmissions, as well as encrypt outgoing ones. You can also use IPsec to implement virtual private networks, encrypting data sent over the Internet from one local network to another. Though IPsec is a relatively new security method, its integration into the Internet Protocol will eventually provide it wide acceptance.
Several projects currently provide development and implementation of IPsec tools. The original IPsec tools are provided by the KAME project, www.kame.net. Current versions can be obtained from souceforge.net/projects/ipsectools. RPM packages can be obtained from rpmfind.net. Other IPsec tool projects include the Free Secure/Wide Area Network project (FreeS/WAN) at www.freeeswan.org, which provides a Linux implementation of IPsec tools, and VPN Consortium (VPNC) at www.vpnc.org, which supports Windows and Macintosh versions. FreeS/WAN provides both Red Hat RPM packages and source code for their tools.
Note |
Currently, the Fedora Core does not include support for IPsec tools but later versions will. The redhat-config-network tool includes panels for IPsec support, but you need to install IPsec tools to activate this support. |
< Day Day Up > |
This HTML Help has been published using the chm2web software. |