IPSec Enables PIX Firewall VPN Features


©2000, Cisco Systems,

The PIX 5.1 Firewall uses the industry-standard IP Security (IPSec) protocol suite to enable advanced VPN features. The PIX IPSec implementation is based on Cisco IOS IPSec that runs in Cisco routers.

IPSec provides a mechanism for secure data transmission over IP networks, ensuring confidentiality, integrity, and authenticity of data communications over unprotected networks such as the Internet.

IPSec enables the following PIX Firewall VPN features:

■ Data confidentiality—The IPSec sender can encrypt packets before transmitting them across a network.

■ Data integrity—The IPSec receiver can authenticate IPSec peers and packets sent by the IPSec sender to ensure that the data has not been altered during transmission.

■ Data origin authentication—The IPSec receiver can authenticate the source of the IPSec packets sent. This service is dependent upon the data integrity service.

■ Anti-replay—The IPSec receiver can detect and reject replayed packets, helping prevent spoofing and man-in-the-middle attacks.
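The sketch below is an added example, not Cisco code and not the PIX or IOS implementation: it models how a receiver can combine the integrity check with a sliding anti-replay window, checking the tag before the window is allowed to move. The packet layout (32-bit sequence number, payload, full HMAC-SHA-256 tag), the 64-packet window, the key, and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

WINDOW = 64    # assumed anti-replay window size, in packets
TAG_LEN = 32   # full HMAC-SHA-256 tag (assumed; not the PIX transform)

def seal(key, seq, payload):
    """Sender: 32-bit sequence number + payload, then a tag over both."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.top = 0     # highest authenticated sequence number so far
        self.bitmap = 0  # bit i set: sequence (top - i) already accepted

    def accept(self, packet):
        """Classify one packet as 'ok', 'bad-icv' or 'replay'."""
        if len(packet) < 4 + TAG_LEN:
            return "bad-icv"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        seq = struct.unpack("!I", body[:4])[0]
        age = self.top - seq
        # Cheap pre-check: duplicates and packets older than the window.
        if seq == 0 or (age >= 0 and (age >= WINDOW or (self.bitmap >> age) & 1)):
            return "replay"
        # Integrity and origin check. A forged packet must not move the window.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-icv"
        if age < 0:      # new highest sequence number: slide the window
            self.bitmap = ((self.bitmap << -age) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
        else:            # in-window, out-of-order arrival
            self.bitmap |= 1 << age
        return "ok"

def demo():
    key = b"constructed-demo-key"             # constructed sample key
    rx = Receiver(key)
    first, fresh = seal(key, 1, b"hello"), seal(key, 4, b"hello")
    tampered = fresh[:5] + b"J" + fresh[6:]   # payload byte changed in transit
    traffic = [first, first, seal(key, 3, b"c"), seal(key, 2, b"b"), tampered, fresh]
    return [rx.accept(p) for p in traffic]

if __name__ == "__main__":
    print(demo())
```

Because the window is updated only after the tag verifies, the tampered copy of packet 4 is rejected without marking sequence number 4 as used, so the genuine packet is still accepted afterwards.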
