ZyXEL 4-port Prestige 792H Router 91-004-342001 用户手册
产品代码
91-004-342001
Prestige 792H G.SHDSL Router
Introduction to IPSec
13-1
Chapter 13
Introduction to IPSec
This chapter introduces the basics of IPSec VPNs.
13.1 VPN Overview
A VPN (Virtual Private Network) provides secure communications between sites without the expense of
leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication, access
control and auditing technologies/services used to transport traffic over the Internet or any insecure network
that uses the TCP/IP protocol suite for communication.
leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication, access
control and auditing technologies/services used to transport traffic over the Internet or any insecure network
that uses the TCP/IP protocol suite for communication.
13.1.1 IPSec
Internet Protocol Security (IPSec) is a standards-based VPN that offers flexible solutions for secure data
communications across a public network like the Internet. IPSec is built around a number of standardized
cryptographic techniques to provide confidentiality, data integrity and authentication at the IP layer.
communications across a public network like the Internet. IPSec is built around a number of standardized
cryptographic techniques to provide confidentiality, data integrity and authentication at the IP layer.
13.1.2 Security Association
A Security Association (SA) is a contract between two parties indicating what security parameters, such as
keys and algorithms they will use.
keys and algorithms they will use.
13.1.3 Other Terminology
Encryption
Encryption is a mathematical operation that transforms data from "plaintext" (readable) to "ciphertext"
(scrambled text) using a "key". The key and clear text are processed by the encryption operation, which
leads to the data scrambling that makes encryption secure. Decryption is the opposite of encryption: it
is a mathematical operation that transforms “ciphertext” to plaintext. Decryption also requires a key.
(scrambled text) using a "key". The key and clear text are processed by the encryption operation, which
leads to the data scrambling that makes encryption secure. Decryption is the opposite of encryption: it
is a mathematical operation that transforms “ciphertext” to plaintext. Decryption also requires a key.