IPSec, the suite of protocols for securing any sort of traffic that moves over an Internet Protocol (IP) network, promises big things for online business. IPSec catalogs the specifications that compose this suite and explain how they fit into intranets, virtual private networks (VPNs), and the Internet.

Authors Doraswamy and Harkins first treat IPSec as a system, explaining how its component parts work together to provide flexible security. Their approach to this task makes sense: They first explain why standard IP packets aren’t secure; then they show how the IPSec improvements make secure transactions possible. Readers get full descriptions of how various network entities talk to one another. Where appropriate, concepts that aren’t specific to IPSec are explained, including IPv4 and IPv6 packet structures and addressing schemes. There’s some information on cryptography too.

IPSec’s parts are explained individually: the Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange (IKE), and ISAKMP/Oakley protocols are detailed with lots of prose, supplemented with a smattering of packet diagrams and conceptual sketches. Sections on implementing IPSec protocols on networks remain fairly abstract and don’t mention actual products, but should prove useful to programmers designing their own network security products around the IPSec specifications.