IPSec

The insider's guide to IPSec for every network professional—updated for the newest standards, techniques, and applications.

Using IPSec, companies can build VPNs and other Internet-centered applications with confidence that their data will remain secure. IPSec, Second Edition is the most authoritative, comprehensive, accessible, and up-to-date guide to IPSec technology. Two leading authorities in IPSec standardization and implementation cover every facet of IPSec architecture and deployment, review important technical advances since IPSec was first standardized, and present new case studies that show how IPSec can provide end-to-end security in real business environments. Coverage includes:

• New, in-depth deployment guidance: policy definition, representation, distribution, and management
• New IPSec enhancements: compression, multicast, key recovery, L2TP support, PKI integration, and more
• IPSec architecture and components: payloads, headers, Internet Key Exchange, security associations, and more
• Implementation architecture and techniques, including overlapping and shared security associations, nested and chained tunnels, and more
• IPSec security in host-to-host, host-to-gateway, and gateway-to-gateway scenarios
• Establishing secure VPN tunneling
• A detailed look inside the IPSec kernel

IPSec, Second Edition delivers the techniques and insight you need to protect all your digital assets, wherever they are—on the Internet, your intranet, your extranet, or your VPN. Whether you're a networking or Web professional, software developer, or security specialist, you'll find it indispensable.

IPSec, Second Edition is the most authoritative, comprehensive, accessible, and up-to-date guide to IPSec technology. Two leading authorities cover all facets of IPSec architecture, implementation, and deployment; review important technical advances since IPSec was first standardized; and present new case studies demonstrating end-to-end IPSec security. New coverage also includes in-depth guidance on policies, updates on IPSec enhancements for large-scale enterprise environments, and much more.

NAGANAND DORASWAMY is a senior principal engineer at Nortel Networks in Billerica, MA and an active participant in the IETF and key industry panels on VPNs and IP security. He was a network security architect at Bay Networks (currently Nortel Networks) and is currently working on next-generation router architectures and protocols. He was the technical lead for IP Security at FTP Software.

DAN HARKINS, formerly a senior software engineer in the Network Protocol Security Group at Cisco Systems, is currently a Senior Scientist at Network-Alchemy in Santa Cruz, CA and is active in several IETF working groups. He wrote IPSec's standard Internet Key Exchange (IKE) key management protocol.