Recommendations for securing networks with IPsec
Nowadays, IT systems generally adopt a distributed architecture. The different hardware and software building blocks are increasingly interconnected, not only among themselves, but also with remote systems and through the Internet. The rise of cloud computing and outsourcing accelerates this trend.
As these building blocks can be critical to an IT system, the data they exchange can also be highly critical. These streams include a lot of sensitive data (authentication data, confidential business information, industrial control systems commands...). The interception or alteration of such sensitive ata by potentially malicious individuals are significant risks in a context where cyber attacks are increasingly numerous and sophisticated. The protection of these sensitive data streams is, therefore, paramount.
However, this issue is not always correctly addressed, and many sensitive network data streams are not as protected as they should be. IPsec is a set of secure communication protocols aiming at protecting network data streams. This technology is field proven, but often poorly mastered, and is still hardly used or poorly employed.