This document provides an overview of Internet Protocol Security (IPSec) and compares it to Secure Sockets Layer (SSL). IPSec provides authentication and encryption of IP packets and can encrypt both IP headers and payload data, making it application independent. It uses the Encapsulating Security Payload (ESP) protocol to encrypt data. For two devices to communicate securely using IPSec, they must first use Internet Key Exchange (IKE) to securely exchange security associations (SAs) and a shared secret key. The SAs are then used to encrypt packets sent between the devices using ESP in either transport or tunnel mode.