OSI archives - IT Governance, Risk, and Compliance


Jul 6 2009   7:02PM GMT

Trans-border Communication Protection - Part IV



Posted by: Robert E. Davis
Encapsulation, Infrastructure, Privacy, Configuration Items, Transport Mode, Tunnel Mode, Encapsulating Security Payload, Internet Protocol Security, Open Systems Interconnection, Secure Socket Layer, Virtual Private Network, ESP, IPSec, OSI, SSL, VPN

The primary distinguishing feature between IPSec and SSL is the OSI reference model layer at which each operates. IPSec operates at the network layer of the OSI reference model, while SSL operates at the transport layer. The choice of protection mechanism should be determined by the sensitivity of the information. IPSec or SSL can be combined with a VPN to limit data interception, manipulation, and redirection. Standards exist for encryption systems such as SSL and IPSec, and these standards ensure compatibility among various hardware and software platforms. With regard to trans-border privacy issues, an SSL VPN can be considered a viable alternative to a stand-alone IPSec deployment.

View Part I of the Trans-border Communication Protection series here

Jul 2 2009   8:12PM GMT

Trans-border Communication Protection - Part III



Posted by: Robert E. Davis
Encapsulation, Infrastructure, Privacy, Configuration Items, Transport Mode, Tunnel Mode, Encapsulating Security Payload, Internet Protocol Security, Open Systems Interconnection, Secure Socket Layer, Virtual Private Network, ESP, IPSec, OSI, SSL, VPN

Generally, a VPN is recognized as a confidential data network that uses the public telecommunication infrastructure while maintaining privacy through a tunneling protocol and security procedures. A VPN can provide remote offices and telecommuters with secure access to the connected local or wide area networks. When a VPN is added to the secure protocol privacy protection equation, IPSec and SSL technologies require mobile users to deploy client software on specific computers before they can be used.

Concerning secure access, virtual private networking requires a carrier protocol as well as an encapsulating protocol to provide tunneling functionality. Therefore, encryption, authentication, and data packaging are usually incorporated in an SSL VPN. Furthermore, below the OSI transport layer, a VPN can provide additional data privacy protection. This has many manifestations, the most popular being IPSec, typically implemented as a protected ‘tunnel’ between two gateway routers. An IPSec ‘vanilla’ VPN only uses the Encapsulating Security Payload (ESP) header record. However, ESP protects against IT communication eavesdropping, forgery, or replay risks.
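The replay protection mentioned above rests on the sequence number carried in the ESP header. The following is an added example, not part of the original post: it parses the SPI and sequence number from ESP packets and applies a sliding anti-replay window in the style of RFC 4303. The packets, the SPI value and the 64-packet window size are constructed assumptions, and the integrity check a real receiver performs before updating the window is omitted.

```python
import struct

WINDOW = 64  # assumed window size in packets

def make_packet(spi, seq, body=b"\x00" * 16):
    """Build a constructed ESP packet: SPI, sequence number, opaque body."""
    return struct.pack("!II", spi, seq) + body

def parse_esp_header(packet):
    """Return (spi, seq) from the 8-byte ESP header."""
    if len(packet) < 8:
        raise ValueError("truncated ESP header")
    return struct.unpack("!II", packet[:8])

class ReplayWindow:
    """Sliding anti-replay window for one security association."""
    def __init__(self, size=WINDOW):
        self.size, self.top, self.bitmap = size, 0, 0  # bit i => seq (top - i) seen

    def check(self, seq):
        if seq == 0:
            return "invalid"              # sequence numbers start at 1
        if seq > self.top:                # newer than anything seen: slide window
            mask = (1 << self.size) - 1
            self.bitmap = ((self.bitmap << (seq - self.top)) | 1) & mask
            self.top = seq
            return "accept"
        offset = self.top - seq
        if offset >= self.size:
            return "too-old"              # fell off the left edge of the window
        if (self.bitmap >> offset) & 1:
            return "replay"               # this sequence number was already accepted
        self.bitmap |= 1 << offset        # late but new: mark as seen
        return "accept"

def replay_verdicts(packets):
    """Classify packets per SPI; a real receiver verifies the ICV first."""
    windows, out = {}, []
    for pkt in packets:
        spi, seq = parse_esp_header(pkt)
        out.append(windows.setdefault(spi, ReplayWindow()).check(seq))
    return out

# Constructed traffic for one SA (SPI 0x1001 is a made-up value).
SAMPLE = [make_packet(0x1001, s) for s in (1, 3, 2, 3, 100, 36, 37, 0)]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, replay_verdicts(SAMPLE)):
        print(parse_esp_header(pkt), verdict)
```

Out-of-order delivery inside the window is accepted once (sequence 2 after 3), while a repeated sequence number or one older than the window is dropped.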

View Part I of the Trans-border Communication Protection series here