Home page logo

basics logo Security Basics mailing list archives

RE: MPLS Encryption
From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Fri, 12 Dec 2003 09:09:13 -0800

        MPLS is used on switched networks to aid in routing, or static
paths, of packets. MPLS in it 'true-to-life' form is just an additional
header tagged to the packet at which the network equipment looks at. 

        What you will want is called IPSec ESP (Encrypted Security
Payload). ESP is used to protect data but keeps the header in tact for
transmission on a standard network, i.e. PPTP. The technologies are not
mutually exclusive; you can use IPSec-ESP/AH with MPLS. Most end-nodes
never see the MPLS header, seaming it's striped at the PE router. Any
product that has IPSec VPN will have ESP and AH (Authentication Header),
but it depends on what your trying to do. Are you trying to secure
communications on a LAN? Or are you trying to secure data in the
Internet/Extranet? If you give the group some specifics about your
situation, I'm sure someone can help you better then me.

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521
Email: sjackson () horizonusa com
Phone: (775) 858-2338
       (800) 325-1199 x338

-----Original Message-----
From: Clive.Madden () barclayscapital com
[mailto:Clive.Madden () barclayscapital com] 
Sent: Thursday, December 11, 2003 4:11 AM
To: security-basics () securityfocus com
Subject: MPLS Encryption

Hello, I was wondering if you could help me. I saw an email from an
gentleman called Hussein Ghazy back in June asking about payload
over MPLS. I was wondering if you could recommend any products that only
payload encryption and NOT header. Your help would be gratefully

Clive Madden

For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.

Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the

Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]