About
- VAS Experts
  
  Software developer for Internet Service Providers and Telecom Industry
- Events
  
  Join us at events or sign up for a webinar
- Customer Reviews
  
  Find out what customers say about VAS Experts' solutions
- Contacts
  
  Feel free to contact us with any question or suggestion
Products
- For telecom operators
- Stingray Service Gateway
  
  Multifunctional Platform for flexible solution of operator tasks
- BRAS/BNG
  
  Scalable and Cost-Effective Software Gateway
- CG-NAT
  
  Providing transparent network address and protocol translation
- QoE Analytics
  
  Traffic Monitoring and Analysis System
- For mobile carriers
- LBS
  
  Module for detection of subscriber's location
- EPDG
  
  Solution for launching Wi-Fi Calling (VoWiFi)
- PCEF
  
  Execution of quality of service (QoS) policies and flexible billing based on different conditions
Solutions
- FOR SERVICE PROVIDERS
- Software-based BNG/BRAS
  
  Border Network Gateway with full statisctics and analysis
- CG-NAT & IPv6 Migration
  
  Smooth transition of the entire infrastructure to IPv6
- Prioritize essential applications and offer the best quality of service
  
  Prioritize critical applications and provide the best Quality of Service
- Network Visibility
  
  The key to a profitable and successful business
- Regulatory Compliance
  
  Automate compliance with legal requirements
- WiFi HotSpot Management
  
  Control the data of users who access the Internet via Hotspot
- Value Added Services
  
  Additional options to increase operator's income
- vStack-R
  
  Recommended server platform for SSG integration
- FOR ENTERPRISE AND DATACENTERS
- DLP system
  
  Prevent confidential information leakage
- Detecting Threats
  
  Detect network attacks that worsen services quality
- MiniDPI
  
  Mini-platform for processing and analyzing traffic up to 2 Gbps
Partners
- Our partners
  
  Find a System Integrator in your region
- Become a Partner
  
  Become our partner to build and develop reliable networks for your customers
- Partner Program
  
  Learn more about our affiliate Partner Program
Resources
- Documentation
  
  VAS Experts knowledge base
- Brochures
  
  Download documents and presentations about the company and its products
- Success Stories
  
  Our customers' cases with a description of tasks, solutions and technologies used
- Glossary
  
  Key industry concepts and terms
- Videos
  
  Presentations and video instructions for solutions
- Use Cases
  
  The library of product capabilities
- FAQ
  
  Find out answers to your questions about BRAS/BNG, CG-NAT, QoS, and QoE solutions
Blog

Resources
Glossary
IPsec (Internet Protocol Security)

IPsec (Internet Protocol Security)

February 29, 2024

IPsec is a set of protocols and services that secure IP networks. It is a widely used virtual private network technology. It is used to encrypt data for the secure exchange of information between sites.

IP packets do not have effective security mechanisms, so attackers can spoof or steal them. To solve this problem, an IPsec tunnel is set up to encrypt the transmission of IP packets on an insecure network.

How IPsec works

First, a network device receives a data packet and determines whether to transmit it through an IPsec tunnel. The LAN device then initiates negotiation with the peer network device. During this phase, the communicating parties use a key exchange protocol.

After IPsec security mapping between the parties, they can transmit data through the IPsec tunnel. An authentication header is used to securely transmit and authenticate the data. The encryption mechanism ensures the confidentiality of the data and prevents the data from being intercepted during transmission.

Next, the encryption algorithm for the IP packet is used, the sender and receiver use the same authentication algorithm and authentication key. If they are the same, the receiver decrypts the packet.

What ports are used in IPsec

In IPsec, the IKE protocol uses UDP port 500 to initiate and respond to negotiations. Also, in an IPsec NAT traversal scenario, packets on UDP port 4500 must be allowed. The AH and ESP services must be enabled to ensure a successful IPsec tunnel setup.

Vote:

5 out of 5

Average rating : 5

Rated by: 1

We use cookies to optimize site functionality and give you the best possible experience. To learn more about the cookies we use, please visit our Cookies Policy. By clicking ‘Okay’, you agree to our use of cookies. Learn more.