NIST Revises Guide to IPsec VPNs: SP 800-77 Revision 1
June 30, 2020

Internet Protocol Security (IPsec) is a network layer security control used to protect communications over public networks, encrypt IP traffic between hosts, and create virtual private networks (VPNs). A VPN provides a secure communication mechanism for data and control information between computers or networks, and the Internet Key Exchange (IKE) protocol is most commonly used to establish IPsec-based VPNs.

Since the original publication of NIST Special Publication (SP) 800-77 in 2005, IPsec and IKE protocols have been enhanced, and much operational experience has been gained from the security solutions deployed.

This revision, SP 800-77 Revision 1, contains new security and cryptographic recommendations and requirements with a focus on how IPsec provides network layer security services. The document also describes how organizations can implement IPsec, IKE, and their alternatives under varying circumstances.

Related Topics

Security and Privacy: encryption, key management, message authentication

Technologies: internet

Created June 30, 2020, Updated July 22, 2020