Chapter 6. IPsec VPN

The SRX product suite combines the robust IP Security virtual private network (IPsec VPN) features from ScreenOS with the legendary networking platform of Junos. IPsec VPNs have become a central component of modern computer networks for securing data between different sites and remote users. As more critical applications and sensitive information have been transferred into electronic format, the demand to secure this information has grown. IPsec VPNs are sometimes confused with Layer 2 or Layer 3 VPNs, which do not actually encrypt the data but rather tunnel the traffic that flows through them; IPsec VPNs, by contrast, provide encryption and authentication to secure traffic. In the past, IPsec VPNs were widely used out of convenience to securely deliver data between sites, and also to provide remote access for mobile users. After numerous high-profile security breaches resulting in the compromise of sensitive data, many regulations (PCI, SOX, HIPAA) have been enacted to help prevent such incidents. Although those high-profile breaches did not result from a lack of IPsec VPNs, many of these regulations require that data be encrypted in transit and at rest. Because VPNs satisfy the requirement to encrypt data in transit, they have been widely deployed for this purpose.

There are two high-level uses for IPsec VPNs: to secure data between two or more computer networks, and to secure data between a remote user and a computer network. This ...
