User guide
Rev 2.2 Jun.11 1
1
1: Introducing IPSec
• Overview
• Scenarios IPprotocolthatdrivestheInternetisinherentlyinsecure.
InternetProtocolSecurity(IPSec),whichisastandards‐based
protocol,securescommunicationsofIPpacketsoverpublic
networks.
Organizationsarestrivingtoprotecttheircommunication
channelsfromunauthorizedviewingandenforcingauthenti
‐
cationoftheentitiesattheothersideofthechannel.
Unauthorizedaccesstothesensitivedatacanbeavoidedby
usingIPSec.ByapplyingsecurityattheIPlayerintheOSI
model,communicationscanbeprotected.Inthismannerthe
upperlayersintheOSImodelcanleveragethesecurity
servicesprovidedattheIPlayer.
SierraWirelessAirLink™hasaddedIPSec,asalatestaddition
tothelistoffeatures,inalltheALEOS‐poweredAirLinkXand
XTplatformsofdevices.
Overview
IPSecisacommonnetworklayersecuritycontrolandisused
tocreateavirtualprivatenetwork(VPN).
TheadvantagesoftheIPSecfeatureincludes:
• DataProtection:DataContentConfidentialityallowsusers
toprotecttheirdatafromanyunauthorizedview,because
thedataisencrypted(encryptionalgorithmsareused).
• AccessControl:AccessControlimpliesasecurityservice
thatpreventsunauthorizeduseofaSecurityGateway,a
networkbehindagatewayorbandwidthonthatnetwork.
• DataOriginAuthentication:DataOriginAuthentication
verifiestheactualsender,thuseliminatingthepossibility
offorgingtheactualsender’sidentificationbyathird‐
party.
• DataIntegrity:DataIntegrityAuthenticationallowsboth
endsofthecommunicationchanneltoconfirmthatthe
originaldatasenthasbeenreceivedastransmitted,
withoutbeingtamperedwithintransit.Thisisachieved
byusingauthenticationalgorithmsandtheiroutputs.
TheIPSecarchitecturemodelincludestheSierraWireless
AirLinkmodemasaremotegatewayatoneendcommuni
‐
cating,throughaVPNtunnel,withaVPNgatewayatthe