Chapter 10. Further Architectural Options for IPsec


Up until this point, we've discussed major deployments and best practice design fundamentals for IPsec VPN deployments. Situations may arise in which IPsec network architectures are forced to vary somewhat. In this chapter, we will explore the forces that cause this variation in the fundamentals of IPsec VPN designs and some of the strategies that can be used to address these variations:

  • IPsec VPN Tunnel Termination "On-a-Stick"

  • In-Path vs. Out-of-Path Encryption

  • Separate Termination of IPsec and GRE (GRE-offload)

We will discuss each of these above design options in detail, including the drivers for selecting that specific variant of IPsec design. Case studies for each of the above will be inserted after introducing each design variant to illustrate that particular design alternative in practice.




IPsec Virtual Private Network Fundamentals
IPSec Virtual Private Network Fundamentals
ISBN: 1587052075
EAN: 2147483647
Year: N/A
Pages: 113

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net