IPsec (Internet Protocol Security or IP Security) is a set of protocols designed to secure IP network packets. IPsec focuses on security measures related to encryption and authentication, including cryptographic algorithms, secure key exchange and key management. Currently, IPsec is primarily used with VPNs (virtual private networks). IPsec can also be used in application-level security and routing security, but it must be coupled with additional security measures to be effective in these security domains.
The purpose of an IPsec-based VPN is to encrypt traffic at the network layer of the OSI model so the attacker cannot eavesdrop between client and the VPN server.
LogRhythm supports IPsec for Windows OS and Linux/CentOS (via Libreswan).
- Two computers, one running Windows OS and the other running Linux OS/CentOS. These two systems must be members of the same (or a trusted) domain.
- LAN or WAN connection between the two computers.
- Windows machine: Windows server 2012 R2 Standard
- Linux machine: CentOS 7(7.4.1708)/RHEL