Email this Article Email   

CHIPS Articles: Guide to Internet Protocol Security Virtual Private Networks

Guide to Internet Protocol Security Virtual Private Networks
Draft NIST SP 800-77 Rev. 1
By NIST News - July 3, 2019
Internet Protocol Security (IPsec) is a network layer security control used to protect communications over public networks, encrypt IP traffic between hosts, and create virtual private networks (VPNs). A VPN provides a secure communication mechanism for data and control information between computers or networks.

The Internet Key Exchange (IKE) protocol is most commonly used to establish IPsec-based VPNs.

The National Institute for Standards and Technology invites comments on Draft Special Publication (SP) 800-77 Revision 1, Guide to IPsec VPNs, which contains practical recommendations for implementing security services based on IPsec and IKE to assist organizations in mitigating the risks associated with transmitting sensitive information across networks.

Since the original publication of SP 800-77 in 2005, IPsec and IKE protocols have been enhanced, and more operational experience has been gained from the security solutions deployed. This revision contains new security and cryptographic recommendations and requirements with a focus on how IPsec provides network layer security services.

The document also describes how organizations can implement IPsec, IKE, and their alternatives under varying circumstances.

A public comment period for this document is open until Oct. 8, 2019. See the publication details for a copy of the document and instructions for submitting comments.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer