This chapter covered using IPSec as part of your defense-in-depth strategy. You can use IPSec to secure authorized traffic or to block unauthorized traffic: it can require security on the ports that must be allowed to communicate and deny unauthorized access to all other ports. IPSec has two main modes, transport and tunnel, and two security protocols, AH and ESP. AH allows packet integrity to be verified end-to-end, and ESP provides payload encryption and integrity. Both can be used at the same time to provide significant security to any IP network communications stream. Chapter 9 covers stopping unauthorized software execution.