IPSec can be employed between hosts (that is, end nodes),
between gateways, or between a host and a gateway in an IP network.
At first release, the HP-UX IPSec/9000 product can only be installed
on end nodes. Installing HP-UX IPSec/9000 on a gateway node is currently
not supported.
Two hosts can protect communications between them, with or
without intervening gateways, by both running IPSec/9000 locally.
In this type of configuration, most systems can communicate with
each other.
When communicating partners reside in locally untrusted
networks and also want a secure connection across an insecure
public network, such as the Internet, HP-IPSec can be employed to
create a tunnel between two Internet gateway
systems.
In situations where the local subnet is a trusted network,
IPSec/9000 can be employed between a host system and the gateway
to provide security services between these systems, thereby creating
a secure Virtual Private Network (VPN).