IPSec is a robust and extensible mechanism for securing IP datagrams. IPSec provides stateless security—data confidentiality, data integrity, data source authentication, protection against traffic analysis, and antireplay protection—and therefore does not make any requirements on the IP protocol to achieve security. As such it is ideal for protecting any type of traffic that can travel on top of IP—basically any traffic.

By providing security at the IP layer, IPSec allows any application to take full advantage of its functionality. Security is done in one place, in the stack, instead of in each application that requires security. Authentication and access control are therefore done at the communications aggregation ...