Tuesday, January 24, 2012

What is IPSec?


Learning about IPSec today. It is the protocol used in the daily life of IT guys. Have you heard about VPN (Virtual Private Network)? IPSec is the base for all VPNs.

IPSec (Internet Protocol SECurity) is an extension to the Internet Protocol (IP) that provides authentication and encryption. IPSec uses strong cryptography to provide both authentication and encryption services intended for building Virtual Private Networks (VPN).

In fact, IPSec is a peer-to-peer protocol that allows you to build secure tunnels through untrusted networks like the Internet. Everything passing through the untrusted network is encrypted by the IPSec gateway machine at one end and decrypted by the gateway at the other end. The result is a VPN, because IPSec allows building networks that are effectively private even though they include machines at several different sites connected by the insecure Internet (or another network).

IPSec is an industry standard described in a series of IETF (Internet Engineering Task Force) RFC (Request For Comments) documents – RFC2402, RFC2406, and RFC2408 – and is also widely accepted by vendors and developers. Originally, IPSec was designed for IPv6, but it's currently being deployed mostly for IPv4.

IPSec services (authentication and encryption) are implemented at the IP level of the protocol stack; therefore, IPSec can protect any protocol running above IP and any medium used below IP. IPSec provides these security services in the background, with no visible impact on applications, because the authentication and encryption occur at the IP level.
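
The following added example (not from the original post) parses constructed IPv4 packets to show what "at the IP level" means on the wire: the IP protocol field is 50 for ESP (RFC 2406) or 51 for AH (RFC 2402), and with ESP an observer on the untrusted network sees only the SPI and sequence number, not the protocol being carried. The addresses, SPI values and the helper names `ipv4` and `classify` are assumptions made for illustration.

```python
import struct

# IP protocol numbers: ESP is defined in RFC 2406, AH in RFC 2402
PROTO_ESP, PROTO_AH = 50, 51
NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", PROTO_ESP: "ESP", PROTO_AH: "AH"}

def classify(packet: bytes) -> dict:
    """Report what an on-path observer can read from one IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto, body = packet[9], packet[ihl:]
    name = NAMES.get(proto, str(proto))
    info = {"ip_proto": name, "spi": None, "seq": None, "inner": name}
    if proto == PROTO_ESP:
        if len(body) < 8:
            raise ValueError("truncated ESP header")
        # ESP starts with SPI and sequence number; the next-header field
        # sits in the trailer, inside the encrypted part of the packet.
        info["spi"], info["seq"] = struct.unpack("!II", body[:8])
        info["inner"] = "hidden"
    elif proto == PROTO_AH:
        if len(body) < 12:
            raise ValueError("truncated AH header")
        # AH authenticates but does not encrypt, so next-header is readable.
        nxt, _len, _rsvd, spi, seq = struct.unpack("!BBHII", body[:12])
        info.update(spi=spi, seq=seq, inner=NAMES.get(nxt, str(nxt)))
    return info

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet (constructed sample; checksum left 0)."""
    src, dst = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1])
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src, dst)
    return hdr + payload

# Constructed samples: ESP with opaque ciphertext, AH carrying TCP, plain TCP
ESP_PKT = ipv4(PROTO_ESP, struct.pack("!II", 0x1001, 1) + bytes(16))
AH_PKT = ipv4(PROTO_AH, struct.pack("!BBHII", 6, 4, 0, 0x2002, 7) + bytes(32))
TCP_PKT = ipv4(6, bytes(20))

if __name__ == "__main__":
    for label, pkt in (("esp", ESP_PKT), ("ah", AH_PKT), ("tcp", TCP_PKT)):
        print(label, classify(pkt))
```
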