Internet Protocol Security (IPSec) VPN – a network-layer virtual private network (VPN) that enables enterprises to use the Internet infrastructure to extend a private network across geographically distributed locations. IPSec VPNs route communications between sites over the Internet (which uses the Internet Protocol (IP) to transmit text in the clear), using a combination of encryption and tunneling functions to keep the communications private.
They use peer negotiation protocols, like IPSec, to encapsulate the data being transferred within an IP “wrapper” that will go over the Internet. This encapsulated data is received by the network-layer VPN gateway, “unwrapped,” decrypted, and routed to the recipient. Traffic coming from the VPN gateway is handled as if it came from any user within the local area network (LAN) itself.
All remote or mobile users not at an aggregation point must have client software installed on their remote PC to use the IPSec VPN. For organizations trying to provide remote access to hundreds or thousands of mobile users, deploying, updating and managing all of these clients can be very time consuming and costly, which is why they may then use an SSL VPN.