Advantages & Disadvantages of IPSec

Advantages

Universality - IPSec is an international standard because of the flexibility and power of IP.  It can provide security and communicate with a  variety of different networks from around the world.

Scalability - Through IP, IPSec can be applied in networks of all sizes including LAN's to global networks. 

Network Layer Security - Because IPSec functions at a low network level, factors such as users, applications, lower level data carrying protocols, and transport technology will not affect the performance of it.

Application Independence - IPSec is not limited to specific applications.  There is no way to predict what applications will traverse a network  However, it is guaranteed that they will be routed with IP, making them IPSec compatible.

Disadvantages

Small Packets - When transmitting small packets, the encryption process of IPSec generates a large overhead.  This diminishes the performance of the network.

Complexity - Because IPSec has a great number of features and options, it is very complex.  Complexity increases the probability of the presence of a weakness or hole.  For example, IPSec is weak against replay attacks.

Firewall - The implementation of IPSec defeats the purpose of a firewall.  This is because firewalls are based on preconfigured rules, which IPSec encrypts.  This problem, however, can be avoided if the firewall is used along with the IPSec gateway, which is a decryption method.

       Home               Why is IPSec important?               Purpose                 Implementation                 Advantages & Disadvantages                      Related Links