Security Basics mailing list archives
RE: MPLS Encryption
From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Fri, 12 Dec 2003 09:09:13 -0800
MPLS is used on switched networks to aid in routing, or static paths, of packets. MPLS in it 'true-to-life' form is just an additional header tagged to the packet at which the network equipment looks at. What you will want is called IPSec ESP (Encrypted Security Payload). ESP is used to protect data but keeps the header in tact for transmission on a standard network, i.e. PPTP. The technologies are not mutually exclusive; you can use IPSec-ESP/AH with MPLS. Most end-nodes never see the MPLS header, seaming it's striped at the PE router. Any product that has IPSec VPN will have ESP and AH (Authentication Header), but it depends on what your trying to do. Are you trying to secure communications on a LAN? Or are you trying to secure data in the Internet/Extranet? If you give the group some specifics about your situation, I'm sure someone can help you better then me. Shawn Jackson Systems Administrator Horizon USA 1190 Trademark Dr #107 Reno NV 89521 www.horizonusa.com Email: sjackson () horizonusa com Phone: (775) 858-2338 (800) 325-1199 x338 -----Original Message----- From: Clive.Madden () barclayscapital com [mailto:Clive.Madden () barclayscapital com] Sent: Thursday, December 11, 2003 4:11 AM To: security-basics () securityfocus com Subject: MPLS Encryption Hello, I was wondering if you could help me. I saw an email from an gentleman called Hussein Ghazy back in June asking about payload encryption over MPLS. I was wondering if you could recommend any products that only do payload encryption and NOT header. Your help would be gratefully appreciated. Thanks! Clive Madden ------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------ ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- MPLS Encryption Clive . Madden (Dec 11)
- <Possible follow-ups>
- RE: MPLS Encryption B. McAninch (Dec 12)
- RE: MPLS Encryption Shawn Jackson (Dec 12)
- RE: MPLS Encryption Clive . Madden (Dec 15)
- Re: MPLS Encryption Steve McGhee (Dec 15)
- RE: MPLS Encryption Shawn Jackson (Dec 15)