ZyXEL Prestige 202H Plus ISDN Router 91-003-154001B User Manual

P-202H Plus v2 User’s Guide
Chapter 10 Introduction to IPSec
This chapter introduces the basics of IPSec VPNs.
10.1  VPN Overview
A VPN (Virtual Private Network) provides secure communications between sites without the 
expense of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, 
authentication, access control and auditing technologies/services used to transport traffic over 
the Internet or any insecure network that uses the TCP/IP protocol suite for communication. 
10.1.1  IPSec
Internet Protocol Security (IPSec) is a standards-based VPN that offers flexible solutions for 
secure data communications across a public network like the Internet. IPSec is built around a 
number of standardized cryptographic techniques to provide confidentiality, data integrity and 
authentication at the IP layer.
10.1.2  Security Association
A Security Association (SA) is a contract between two parties indicating what security
parameters, such as keys and algorithms, they will use.
10.1.3  Other Terminology
10.1.3.1  Encryption
Encryption is a mathematical operation that transforms data from "plaintext" (readable) to
"ciphertext" (scrambled text) using a "key". The encryption operation processes the key and the
plaintext together, and the resulting scrambling is what makes encryption secure.
Decryption is the opposite of encryption: it is a mathematical operation that transforms
"ciphertext" back to "plaintext". Decryption also requires a key.