Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Encryption Services Overview

The IP Security (IPsec) architecture provides a security suite for the IP version 4 (IPv4) and IP version 6 (IPv6) network layers. The suite provides functionality such as authentication of origin, data integrity, confidentiality, replay protection, and nonrepudiation of source. It also defines mechanisms for key generation and exchange, management of security associations, and support for digital certificates.

IPsec defines a security association (SA) and key management framework that can be used with any network layer protocol. The SA specifies what protection policy to apply to traffic between two IP-layer entities. For more information, see the Junos OS Administration Library for Routing Devices. The standards are defined in the following RFCs:

  • RFC 2401, Security Architecture for the Internet Protocol

  • RFC 2406, IP Encapsulating Security Payload (ESP)