Part 19 - IPSec Part I

Video Activity

This lesson offers an introduction into IPSEC is an encapsulation framework. Tunnel vs transport mode dictates what portion of the IP Packet is to be encapsulated. In tunnel mode, the whole packet is encapsulated whereas in transport mode, only the payload is encapsulated.

Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

2 hours 59 minutes
Video Description

This lesson offers an introduction into IPSEC is an encapsulation framework. Tunnel vs transport mode dictates what portion of the IP Packet is to be encapsulated. In tunnel mode, the whole packet is encapsulated whereas in transport mode, only the payload is encapsulated.

Video Transcription
So the next topic that we want to discuss is we want to talk about five p sec, which of course, stands for I p Security. And you know, the premise of I p. Second. The reason that it's necessary is the same problem we've talked about multiple times in this class so far is that traditionally,
things have not been designed to be secure. They've been designed to function,
but security's come along as an afterthought. So if you look at the I P version for protocol, for instance, Ah, and you want to talk about security, you know? Think about for a minute. What elements are built in tow. I p v four to make it secure now lets you Paul's on that. And there should be a
deadening hush throughout the Internet because the enter that is
absolutely nothing. There is nothing that's part of the I P version for protocol that makes it secure. So what do we do? Well, we take security on top of it and hope for the best. Now
you know I P Version four was designed back in the sixties for the government to years across secured physical lakes. So at that time
adding product security to the protocol itself seemed excessive because it wasn't necessary. These were very protected lines. But like so many things, I p has morphed beyond what it was originally designed for. And now truly is the protocol of the Internet.
So what do we do? Well, we have to figure out how to secure it.
And I know many of you have heard I know everybody's heard. I p Version six is coming. It's coming I p v six. It's around the corner and I believe that.
But there is sort of a portion, a little part of me that wonders if I p v six here in the States. It's gonna go the way of the metric system. You know, I remember
fifth grade or whenever it was the metric systems coming learned kilometers, you know, no longer pounds. It's kilograms. And that seemed to last for about
a week and 1/2. And then all of a sudden we were back to doing things the way we always have.
It's hard. I don't want to learn something new. You sure? Somebody an i p v six address And they go, I don't
can't we just make what? We have work. And so, yes, I p version six is coming. Yes, The majority of the world is already on I p v six and yes, of course. We here in the States. You're gonna gonna move to ikey version six
unless we don't. And that's that's my thought on that. But at any at any rate, so many people think that we're going to I p v six because of running out of i P addresses well with network address. Translation napped. And we'll talk about that in the telecommunications domain if that's not something you're familiar with.
But ultimately what it does is it sort of puts a Band Aid on the problem running out of I p addresses.
So the rial push to move to I p Version six isn't so much about the limited address face with i p version for as it should be about the added security of I P v six, because as part of I p version sixes design, I P sec is integrated into the protocol,
and any time you build a protocol
with security intact or inherent to the product, you're gonna be more secure than duct taping security on is an afterthought. Okay, so I p sec was designed this part of I p six, You don't separate out i p sec from it. So
when we talk about security, you know, there are all sorts of different elements and there are a lot of misconceptions about what I p sec is
and what it is not a i. P sec is not an encryption protocol. It's not even an encryption framework. That's kind of a common misconception. Um, I p sec in and of itself is an encapsulation friend. More
an encapsulation framework.
And that's very different, that encryption. Although sometimes people get theirs confused.
When we talk about encapsulation, for instance, let's say that my Uncle Steve is having, um
ah, an anniversary
and I'm gonna get himself set of champagne glasses. So I go out, I'm gonna buy the champagne glasses and technically, I could take a marker. I could write his address on it, put a stamp on the glasses and toss him in the mailbox. But as soon as I do, of course I'm here. Please click, Click.
So if I'm smart, what I'm gonna do is I'm gonna take the champagne glasses and I'm gonna wrap him in tissue paper. I'm gonna put the tissue paper in a box and I'm gonna put packing peanuts in the box. I'm gonna gift wrap the box and put Happy Anniversary Uncle Steve,
up with that box inside of Federal Express box with maybe some of the, uh, the, uh,
the bubble wrap to keep it safe. And then I'm gonna put an address label on the UPS pops And what started out as a very small payload, the actual gift itself. What I wanted to get to him. By the time it's ready to go out on the transportation network, it's much larger. That's encapsulation.
I've added material to make sure it gets there safely and make sure that it gets to the correct location. But I never encrypted
the champagne glasses. I never magically turned them into coffee monks. The champagne glasses remained intact. They just been packaged. And that's what I p sec does so by P sec encapsulate it wraps the i P packet inside its own trailers.
Now, how much or what portion of the I P packet gets wrapped up? Depends on the different modes
in which I p set can function. So this is your choice. You can either use i P sec in tunnel mode or in transport moves.
So when we think about tunneling, we think about tunneling through the Internet. Right? We think about VP ends and and sending, you know, information. It needs to be secured across an unsecured network. So in tunnel mode, we get the greatest degree of security because the header, payload and trailer the entire I P packet
is wrapped up
is encapsulated in tunnel mode. We get the greatest security. Okay, so you can see on the diagram the i p header. I peep a loaded I p trailer are all wrapped up instead of inside of the eyepiece at Catterick Payload in Trenton. Now in transport mode, I p sec
Onley encapsulate ce the i p payload
on lee the data, not the rest of the pack it. What that does is that gives me greater overhead, better performance, and a lot of times will use this internally. So, for instance, maybe I've got my human resource is servers and I've got payroll information. I don't want that information going across the network in clear text.
So I want my key sector he used.
But I don't have to protect the header in the trailer. I just want the information encrypted. So I'm sorry. Encapsulated so. I used transport mode now tunnel mode and transport mode on Lee determine what is encapsulated. There has been no security function added yet that will come next.
Up Next
Security Engineering

Domain 3 covers engineering and management of security. Why do I need this certification? Security engineering is a field which requires cross-disciplinary knowledge in areas such as cryptography and site design security

Instructed By