What is IPsec?
Why Interviewers Ask This
This question targets practical, hands-on experience with Networking. Interviewers want to see if you've worked with these concepts in real projects, not just read about them. Strong answers include concrete examples.
Answer
IPsec (Internet Protocol Security) is a suite of protocols for securing IP communications by authenticating and encrypting each IP packet. It operates at the Network layer (Layer 3), transparently securing all traffic regardless of the application. IPsec has two modes: Transport mode — only the payload is encrypted; original IP headers remain intact (used for end-to-end host-to-host security). Tunnel mode — the entire original IP packet is encrypted and encapsulated in a new IP packet (used for VPNs — gateway-to-gateway). Key protocols: AH (Authentication Header) — provides authentication and integrity but no encryption. ESP (Encapsulating Security Payload) — provides encryption, authentication, and integrity (most commonly used). IKE (Internet Key Exchange) — negotiates security associations (SAs) and manages key exchange. IPsec is the foundation of most site-to-site VPNs and L2TP/IPsec remote access VPNs.
Common Mistake
Candidates often give textbook answers here. Interviewers are more impressed when you relate the concept to a specific problem you solved in a real Networking project.