If IPSec provides security at the network layer, why is it that security mechanisms are still needed at layers above IP?© BrainMass Inc. brainmass.com June 21, 2018, 12:20 am ad1c9bdddf
Information security infrastructure must include end-to-end security measures and the IPSec manages and controls it from a host to a host, network to network, or host to network client. However the majority of threats and vulnerabilities to information in an organization are usually from within the corporate network. Leaving the internal network open from a security perspective is a good enough reason for compromised access to information resources. This is a great threat to business operations and business intelligence. Protection to information has to be implemented from all angles and layers. Therefore, IPSec is not enough to protect valuable information; security mechanisms must be comprehensive and indispensable across all domains.
The kind of attacks in a network happens while data communication takes place from one client to another (be it a host or network either side); some of these attacks include:
- IP spoofing in which an intruder sends messages to a host in a way that it seems to be coming from a trusted IP address in place of its own.
- Ping of ...
This solution discusses IPSec security at the network layer as well as other security mechanisms that are required in the layers above IP.