Network security covers issues such as the privacy of network communication, the confidentiality and integrity of information in transit, controlled access to restricted network domains and sensitive information, and the use of public networks such as the Internet for private communications. To address those issues, various organizations and technology vendors have developed a range of network and information security technologies. Here is a summary of the technologies.
Contents:
Kerberos: Network Authentication Protocol
Kerberos is a network authentication protocol. Kerberos is designed to
provide strong authentication for client/server applications by using secret-key
cryptography.
RADIUS is a protocol for carrying authentication, authorization, and
configuration information between a Network Access Server which desires to
authenticate its links and a shared Authentication
Server.
SSH: Secure Shell Protocol
SSH is a protocol for secure remote login and other secure network
services over an insecure network. SSH consists of three major
components
L2F: Layer 2 Forwarding Protocol
The Layer 2 Forward protocol (L2F) is used to establish a secure tunnel
across a public infrastructure (such as the Internet) that connects an ISP POP
to an enterprise home gateway. This tunnel creates a virtual point-to-point
connection between the user and the enterprise customer's network.
L2TP: Layer 2 Tunneling Protocol
The L2TP Protocol is used for integrating multi-protocol dial-up services
into existing Internet Service Providers' Points of Presence.
PPTP: Point to Point Tunneling Protocol
Point-to-Point Tunneling Protocol (PPTP) is a networking technology that
supports multiprotocol virtual private networks (VPN). It enables remote users
on the Microsoft Windows NT® Workstation, Windows® 95, and Windows 98 operating
systems and other point-to-point protocol (PPP)-enabled systems to dial into a
local Internet service provider and connect securely to their corporate network
through the Internet.
IP Authentication Header (AH), a key protocol in the IPsec (Internet
Security) architecture, is used to provide connectionless integrity and
data origin authentication for IP datagrams, and to provide protection
against replays.
DiffServ defines an architecture for implementing scalable service
differentiation in the Internet. A "Service" defines some significant
characteristics of packet transmission in one direction across a set of
one or more paths within a network.
Encapsulating Security Payload (ESP) is a key protocol in the IPsec
(Internet Security) architecture, which is designed to provide a mix of
security services in IPv4 and IPv6. The IP Encapsulating Security Payload
(ESP) seeks to provide confidentiality and integrity by encrypting data to
be protected and placing the encrypted data in the data portion of the IP
ESP.
Generic Routing Encapsulation is a protocol for encapsulation of an
arbitrary network layer protocol over another arbitrary network layer
protocol.
IKE: Internet Key Exchange Protocol
The Internet Key Exchange (IKE) Protocol, a key protocol in the IPsec
architecture, is a hybrid protocol using part of Oakley and part of SKEME in
conjunction with ISAKMP to obtain authenticated keying material for use with
ISAKMP, and for other security associations such as AH and ESP for the IPsec
DOI.
IPsec provides security services at the IP layer by enabling a system
to select required security protocols, determine the algorithm(s) to use
for the service(s), and put in place any cryptographic keys required to
provide the requested services.
ISAKMP: Internet Security Association and Key Management Protocol
ISAKMP, a key protocol in the IPsec (Internet Security) architecture,
combines the security concepts of authentication, key management, and security
associations to establish the required security for government, commercial, and
private communications on the Internet.
TLS: Transport Layer Security Protocol
The Transport Layer Security (TLS) Protocol provides privacy and data
integrity between two communicating applications. The protocol is composed of
two layers: the TLS Record Protocol and the TLS Handshake
Protocol.