0

I'm trying to figure out how SSL and IPsec work. I know the process in both SSL and IPsec, but why do I need SSL if I can use IPsec, when it runs below the transport layer? Won't IPsec encrypt everything SSL does?

  • What is the difference between the level of security provided by IPsec and SSL?

  • If I use IPsec is SSL necessary?

  • Is encryption only during transmission for both IPsec and SSL?

  • If not, what services are used for local encryption? SOA web services?

PS: I've read how the different protocols work at an encryption level, but I have a hard time understanding the big picture.

Thanks.

  • 1
    Off-topic, but IPsec only secures between endpoints. SSL secures between known identities, e.g. a server or even a real person. – user207421 May 29 '15 at 00:07
  • Thanks. Am I right that IPsec encapsulates the entire header but SSL only at the transport level, so it would be possible to get information about the header? I'm so confused. I know the protocols, I think, but I can't get the big picture concerning security at the different levels and when to use the different protocols. –  May 29 '15 at 01:59
  • Here's the thread with the definitive answer for ["How does SSL Work?"](https://security.stackexchange.com/questions/87564/how-does-ssl-tls-pki-work) – Mike Ounsworth May 29 '15 at 12:20
  • IPsec is about creating a VPN; SSL is a technology that could be used to secure other applications like HTTP. – gog May 29 '15 at 12:45
  • 2
    @ggui: Only if in tunneled mode. IPsec can be used in transport mode too. – SilverlightFox May 29 '15 at 13:02
  • I'm assuming you are talking about the difference between an SSL VPN and IPsec? – Lucas Kauffman May 29 '15 at 13:23

1 Answer

0

IPsec: Commonly used in VPNs, it supports several means of authentication, but requires some coordination between the endpoints to choose keys, root CAs or other authentication methods.

It can run in two modes: tunnel mode, where the entire packet is encrypted and encapsulated in an IPsec tunnel packet header, or transport mode, with only the data section of the packet encrypted. VPNs use tunnel mode.

SSL: Used for client-server communications because it requires no coordination between parties.

No need to use both on the same connection.

See this question for more details: Are there any reasons for using SSL over IPSec?

ztk