- A collection of protocols used to create VPNs
- A network layer security protocol providing cryptographic security services that can support various combinations of authentication, integrity, access control, and confidentiality
- Allows creation of an encrypted tunnel between two private networks
- Supports authentication of the two ends of the tunnel
- Cannot directly encrypt non-IP traffic
- Can encrypt a GRE tunnel containing non-IP data
- Comprises IKE, ESP, and AH