O'Reilly logo

IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, Second Edition by Dan Harkins, Naganand Doraswamy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Policy

It was mentioned in previous chapters that policy determines the security services afforded to a packet and the treatment of a packet in the network. However, the issue of policy representation and management of IPSec connections were not discussed. We will address some of these issues in this chapter.

Policy is difficult to describe and define. It is the fuzzy middle between a human desire (“I want to encrypt and authenticate all access that my subcontractors have to my network”) and a machine's definition (“encrypt tcp packets from 10.3.86.5 to 10.4/16 with CAST and authenticate them with HMAC-SHA”). Because it is the security interface between human and computer, it is extremely important. The transition from human to computer ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required