What is IPsec ESP vs AH, and when is each used?

Prepare for the Alcatel Quiz. Review multiple choice questions and flashcards, with hints and explanations to sharpen your knowledge. Get exam-ready!

Multiple Choice

What is IPsec ESP vs AH, and when is each used?

Explanation:
IPsec is built around two mechanisms, ESP and AH, and the key difference is encryption. ESP protects the payload by encrypting it, and it can also provide data integrity and origin authentication for what it carries (typically the encrypted payload and ESP trailer) using an authentication tag. AH, on the other hand, offers integrity and origin authentication for the entire packet but does not encrypt the payload, so no confidentiality is provided. Because protecting the actual contents is usually the primary security need in networks and VPNs, ESP is the standard choice and is used much more widely. AH is reserved for situations where you only want to guard integrity and authenticity without encryption, though NAT and other network behaviors can complicate its use.

