Securing Communication of Legacy Applications with IPSec: Step-by-Step Guide to Protecting “Data in Transit” without Changes in Your Existing Software
By Slava Gomzin
()
About this ebook
Booklet for IT professionals, developers and security specialists on how to utilize IPSec protocol in order to protect data transmission between legacy applications which were created before secure communication became common practice. In many cases it is difficult or even impossible to make necessary changes in old software in order to implement commonly accepted secure protocols such as SSL/TLS. IPSec protocol can be utilized as inexpensive but powerful alternative solution which provides adequately high level of protection.
Topics include: what is IPSec and how to use it to secure data transmission, creating and deploying IPSec policy, overview or IPSec authentication types, configuring IPSec Policy with different types of authentication, and more (Article: ~2,180 words).
Table of Contents includes:
Introduction • TCP/IP Security Vulnerabilities • What is IPSec? • Securing Data Transmission with IPSec • Creating and Deploying IPSec Policy • Selecting IPSec Authentication Type • Configuring IPSec Policy with Kerberos Authentication • Diffie-Hellman Groups • Configuring IPSec Policy with X.509 Certificates Authentication • Configuring Certificate Template • Testing • Conclusion • Resources • About the Author
Slava Gomzin, CISSP, PCI ISA, ECSP, Security+ has more than 15 years of professional experience in software development and application security. He is Security Architect at Retalix USA.
Slava Gomzin
Slava Gomzin is a Security and Payments Technologist at Hewlett-Packard, where he helps create products that are integrated into modern payment processing ecosystems using the latest security and payments technologies. Prior to joining Hewlett-Packard, Slava was a security architect, corporate product security officer, R&D and application security manager, and development team leader at Retalix, a Division of NCR Retail. As PCI ISA, he focused on security and PA-DSS, PCI DSS, and PCI P2PE compliance of POS systems, payment applications, and gateways. Before moving into security, Slava worked in R&D on design and implementation of new products including next-generation POS systems and various interfaces to payment gateways and processors. Slava currently holds CISSP, PCIP, ECSP, and Security+ certifications. He blogs about payment security at www.gomzin.com.
Read more from Slava Gomzin
Hiding Web Traffic with SSH: How to Protect Your Internet Privacy against Corporate Firewall or Insecure Wireless Rating: 0 out of 5 stars0 ratingsSecuring Email Communication: How to Protect Your Correspondence from Wiretapping Using Free Tools Rating: 0 out of 5 stars0 ratingsSecuring Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build Rating: 0 out of 5 stars0 ratingsProtecting Confidential Information: How to Securely Store Sensitive Data Rating: 0 out of 5 stars0 ratingsSecuring .NET Web Services with SSL: How to Protect “Data in Transit” between Client and Remote Server Rating: 0 out of 5 stars0 ratings
Related to Securing Communication of Legacy Applications with IPSec
Related ebooks
Linux Security Fundamentals Rating: 0 out of 5 stars0 ratingsNetcat Power Tools Rating: 3 out of 5 stars3/5Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity Rating: 3 out of 5 stars3/5Network Performance and Security: Testing and Analyzing Using Open Source and Low-Cost Tools Rating: 0 out of 5 stars0 ratingsMicrosoft Forefront UAG 2010 Administrator's Handbook Rating: 0 out of 5 stars0 ratingsSSL VPN : Understanding, evaluating and planning secure, web-based remote access Rating: 0 out of 5 stars0 ratingsLeast Privilege Security for Windows 7, Vista and XP Rating: 0 out of 5 stars0 ratingsHands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsSRS - How to build a Pen Test and Hacking Platform Rating: 2 out of 5 stars2/5Versatile Routing and Services with BGP: Understanding and Implementing BGP in SR-OS Rating: 0 out of 5 stars0 ratingsInstant Traffic Analysis with Tshark How-to Rating: 0 out of 5 stars0 ratingsNetstat A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsNetwork Recovery: Protection and Restoration of Optical, SONET-SDH, IP, and MPLS Rating: 4 out of 5 stars4/5CCIE A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsSeven Deadliest Network Attacks Rating: 3 out of 5 stars3/5Snort Intrusion Detection and Prevention Toolkit Rating: 5 out of 5 stars5/5WarDriving: Drive, Detect, Defend: A Guide to Wireless Security Rating: 3 out of 5 stars3/5Building Telephony Systems with OpenSER Rating: 0 out of 5 stars0 ratingsManaging and Securing a Cisco Structured Wireless-Aware Network Rating: 3 out of 5 stars3/5IoT Security A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsNetwork Design A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsCCNP Third Edition Rating: 0 out of 5 stars0 ratingsThe Best Damn Cisco Internetworking Book Period Rating: 0 out of 5 stars0 ratingsThe Real Citrix CCA Exam Preparation Kit: Prepare for XenApp 5.0 Rating: 2 out of 5 stars2/5Android Application Security Essentials Rating: 0 out of 5 stars0 ratingsPractical VoIP Security Rating: 0 out of 5 stars0 ratingsVPN Third Edition Rating: 0 out of 5 stars0 ratingsNetwork Designs A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratings
Internet & Web For You
Coding For Dummies Rating: 5 out of 5 stars5/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State Rating: 4 out of 5 stars4/5How to Disappear and Live Off the Grid: A CIA Insider's Guide Rating: 0 out of 5 stars0 ratingsPodcasting For Dummies Rating: 4 out of 5 stars4/5The Beginner's Affiliate Marketing Blueprint Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Six Figure Blogging Blueprint Rating: 5 out of 5 stars5/5Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5How To Make Money Blogging: How I Replaced My Day-Job With My Blog and How You Can Start A Blog Today Rating: 4 out of 5 stars4/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5The Gothic Novel Collection Rating: 5 out of 5 stars5/5The Logo Brainstorm Book: A Comprehensive Guide for Exploring Design Directions Rating: 4 out of 5 stars4/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Python QuickStart Guide: The Simplified Beginner's Guide to Python Programming Using Hands-On Projects and Real-World Applications Rating: 0 out of 5 stars0 ratingsHow To Start A Profitable Authority Blog In Under One Hour Rating: 5 out of 5 stars5/5Get Rich or Lie Trying: Ambition and Deceit in the New Influencer Economy Rating: 0 out of 5 stars0 ratingsTube Ritual: Jumpstart Your Journey to 5000 YouTube Subscribers Rating: 0 out of 5 stars0 ratingsThe $1,000,000 Web Designer Guide: A Practical Guide for Wealth and Freedom as an Online Freelancer Rating: 5 out of 5 stars5/5How To Start A Podcast Rating: 4 out of 5 stars4/5The Digital Marketing Handbook: A Step-By-Step Guide to Creating Websites That Sell Rating: 5 out of 5 stars5/5Remote/WebCam Notarization <<Extended>> Commonwealth of Virginia Rating: 0 out of 5 stars0 ratingsCreate Something Awesome: How Creators are Profiting from Their Passion in the Creator Economy Rating: 0 out of 5 stars0 ratings
Reviews for Securing Communication of Legacy Applications with IPSec
0 ratings0 reviews
Book preview
Securing Communication of Legacy Applications with IPSec - Slava Gomzin
Securing Communication of Legacy Applications with IPSec
Step-by-Step Guide to Protecting Data in Transit
without Changes in Your Existing Software
Application Security Series
Slava Gomzin
Smashwords Edition
Cover Photo and Design: Alisa Levy
Copyright © 2012 Slava Gomzin
Introduction • TCP/IP Security Vulnerabilities • What is IPSec? • Securing Data Transmission with IPSec • Creating and Deploying IPSec Policy • Selecting IPSec Authentication Type • Configuring IPSec Policy with Kerberos Authentication • Diffie-Hellman Groups • Configuring IPSec Policy with X.509 Certificates Authentication • Configuring Certificate Template • Testing • Conclusion • Resources • About the Author
Introduction
TCP/IP technology is being used by many legacy products for remote network communication between different modules of distributed applications. TCP/IP communication protocol is not secure by definition since