Securing Communication of Legacy Applications with IPSec: Step-by-Step Guide to Protecting “Data in Transit” without Changes in Your Existing Software
By Slava Gomzin
()
About this ebook
Booklet for IT professionals, developers and security specialists on how to utilize IPSec protocol in order to protect data transmission between legacy applications which were created before secure communication became common practice. In many cases it is difficult or even impossible to make necessary changes in old software in order to implement commonly accepted secure protocols such as SSL/TLS. IPSec protocol can be utilized as inexpensive but powerful alternative solution which provides adequately high level of protection.
Topics include: what is IPSec and how to use it to secure data transmission, creating and deploying IPSec policy, overview or IPSec authentication types, configuring IPSec Policy with different types of authentication, and more (Article: ~2,180 words).
Table of Contents includes:
Introduction • TCP/IP Security Vulnerabilities • What is IPSec? • Securing Data Transmission with IPSec • Creating and Deploying IPSec Policy • Selecting IPSec Authentication Type • Configuring IPSec Policy with Kerberos Authentication • Diffie-Hellman Groups • Configuring IPSec Policy with X.509 Certificates Authentication • Configuring Certificate Template • Testing • Conclusion • Resources • About the Author
Slava Gomzin, CISSP, PCI ISA, ECSP, Security+ has more than 15 years of professional experience in software development and application security. He is Security Architect at Retalix USA.
Slava Gomzin
Slava Gomzin is a Security and Payments Technologist at Hewlett-Packard, where he helps create products that are integrated into modern payment processing ecosystems using the latest security and payments technologies. Prior to joining Hewlett-Packard, Slava was a security architect, corporate product security officer, R&D and application security manager, and development team leader at Retalix, a Division of NCR Retail. As PCI ISA, he focused on security and PA-DSS, PCI DSS, and PCI P2PE compliance of POS systems, payment applications, and gateways. Before moving into security, Slava worked in R&D on design and implementation of new products including next-generation POS systems and various interfaces to payment gateways and processors. Slava currently holds CISSP, PCIP, ECSP, and Security+ certifications. He blogs about payment security at www.gomzin.com.
Read more from Slava Gomzin
Hiding Web Traffic with SSH: How to Protect Your Internet Privacy against Corporate Firewall or Insecure Wireless Rating: 0 out of 5 stars0 ratingsSecuring Email Communication: How to Protect Your Correspondence from Wiretapping Using Free Tools Rating: 0 out of 5 stars0 ratingsSecuring Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build Rating: 0 out of 5 stars0 ratingsSecuring .NET Web Services with SSL: How to Protect “Data in Transit” between Client and Remote Server Rating: 0 out of 5 stars0 ratingsProtecting Confidential Information: How to Securely Store Sensitive Data Rating: 0 out of 5 stars0 ratings
Related to Securing Communication of Legacy Applications with IPSec
Related ebooks
Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity Rating: 3 out of 5 stars3/5Netcat Power Tools Rating: 3 out of 5 stars3/5Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsLinux Security Fundamentals Rating: 0 out of 5 stars0 ratingsLeast Privilege Security for Windows 7, Vista and XP Rating: 0 out of 5 stars0 ratingsIP Addressing and Subnetting INC IPV6: Including IPv6 Rating: 0 out of 5 stars0 ratingsSSL VPN : Understanding, evaluating and planning secure, web-based remote access Rating: 0 out of 5 stars0 ratingsPractical Deployment of Cisco Identity Services Engine (ISE): Real-World Examples of AAA Deployments Rating: 5 out of 5 stars5/5Web Application Firewall Assurance Rating: 0 out of 5 stars0 ratingsComptia Network+ V6 Study Guide - Indie Copy Rating: 0 out of 5 stars0 ratingsNetwork Performance and Security: Testing and Analyzing Using Open Source and Low-Cost Tools Rating: 0 out of 5 stars0 ratingsCisco Network Administration Interview Questions: CISCO CCNA Certification Review Rating: 5 out of 5 stars5/5CheckPoint NG VPN 1/Firewall 1: Advanced Configuration and Troubleshooting Rating: 0 out of 5 stars0 ratingsCCIE Security A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsVersatile Routing and Services with BGP: Understanding and Implementing BGP in SR-OS Rating: 0 out of 5 stars0 ratingsIoT Security A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsInstant Traffic Analysis with Tshark How-to Rating: 0 out of 5 stars0 ratingsAdministering Cisco QoS in IP Networks: Including CallManager 3.0, QoS, and uOne Rating: 0 out of 5 stars0 ratingsCCIE Security The Ultimate Step-By-Step Guide Rating: 0 out of 5 stars0 ratingsThe Best Damn Cisco Internetworking Book Period Rating: 0 out of 5 stars0 ratingsFirewall Policies and VPN Configurations Rating: 0 out of 5 stars0 ratingsCompTIA Cloud+ Study Guide: Exam CV0-002 Rating: 0 out of 5 stars0 ratingsNetwork Recovery: Protection and Restoration of Optical, SONET-SDH, IP, and MPLS Rating: 4 out of 5 stars4/5Seven Deadliest Network Attacks Rating: 3 out of 5 stars3/5IP Routing Protocols All-in-one: OSPF EIGRP IS-IS BGP Hands-on Labs Rating: 0 out of 5 stars0 ratingsNetwork Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security Rating: 0 out of 5 stars0 ratingsPractical VoIP Security Rating: 0 out of 5 stars0 ratingsCisco Security Professional's Guide to Secure Intrusion Detection Systems Rating: 0 out of 5 stars0 ratings
Internet & Web For You
Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5How to Disappear and Live Off the Grid: A CIA Insider's Guide Rating: 0 out of 5 stars0 ratingsNo Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State Rating: 4 out of 5 stars4/5Coding For Dummies Rating: 5 out of 5 stars5/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5Get Rich or Lie Trying: Ambition and Deceit in the New Influencer Economy Rating: 0 out of 5 stars0 ratingsSix Figure Blogging Blueprint Rating: 5 out of 5 stars5/5Beginner's Guide To Starting An Etsy Print-On-Demand Shop Rating: 0 out of 5 stars0 ratingsEverybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5Podcasting For Dummies Rating: 4 out of 5 stars4/5The Beginner's Affiliate Marketing Blueprint Rating: 4 out of 5 stars4/5The Gothic Novel Collection Rating: 5 out of 5 stars5/5The Logo Brainstorm Book: A Comprehensive Guide for Exploring Design Directions Rating: 4 out of 5 stars4/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How To Start A Podcast Rating: 4 out of 5 stars4/5200+ Ways to Protect Your Privacy: Simple Ways to Prevent Hacks and Protect Your Privacy--On and Offline Rating: 0 out of 5 stars0 ratingsThe Internet Is Not What You Think It Is: A History, a Philosophy, a Warning Rating: 4 out of 5 stars4/5The Digital Marketing Handbook: A Step-By-Step Guide to Creating Websites That Sell Rating: 5 out of 5 stars5/5More Porn - Faster!: 50 Tips & Tools for Faster and More Efficient Porn Browsing Rating: 3 out of 5 stars3/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsThe $1,000,000 Web Designer Guide: A Practical Guide for Wealth and Freedom as an Online Freelancer Rating: 5 out of 5 stars5/5Introduction to Internet Scams and Fraud: Credit Card Theft, Work-At-Home Scams and Lottery Scams Rating: 4 out of 5 stars4/5
Reviews for Securing Communication of Legacy Applications with IPSec
0 ratings0 reviews
Book preview
Securing Communication of Legacy Applications with IPSec - Slava Gomzin
Securing Communication of Legacy Applications with IPSec
Step-by-Step Guide to Protecting Data in Transit
without Changes in Your Existing Software
Application Security Series
Slava Gomzin
Smashwords Edition
Cover Photo and Design: Alisa Levy
Copyright © 2012 Slava Gomzin
Introduction • TCP/IP Security Vulnerabilities • What is IPSec? • Securing Data Transmission with IPSec • Creating and Deploying IPSec Policy • Selecting IPSec Authentication Type • Configuring IPSec Policy with Kerberos Authentication • Diffie-Hellman Groups • Configuring IPSec Policy with X.509 Certificates Authentication • Configuring Certificate Template • Testing • Conclusion • Resources • About the Author
Introduction
TCP/IP technology is being used by many legacy products for remote network communication between different modules of distributed applications. TCP/IP communication protocol is not secure by definition since