Security Protocols (AH – Authentication Header, ESP – Encapsulating Security Payload)

#Integrity vs. Confidentiality: The IPsec Toolset#link

Now that we understand how IPsec wraps packets (Modes), we must decide *how* to protect the data. IPsec provides two primary protocols for this: AH and ESP. While they might seem similar, they offer fundamentally different security guarantees.

AH (Authentication Header)

AH is designed for integrity and authenticity only. It signs the entire packet (including the IP header) using a keyed hash. This ensures that the packet wasn't tampered with and that it truly came from the claimed sender. However, AH provides **zero encryption**. Everything is sent in cleartext.

In the output above, `proto 51` identifies the Authentication Header. If you see this in a modern network, it's likely a legacy system or a very specific internal requirement where encryption is legally forbidden but integrity is required.

ESP (Encapsulating Security Payload)

ESP is the 'workhorse' of IPsec. Unlike AH, ESP provides confidentiality (encryption) as well as optional authentication. It encrypts the payload and adds its own header and trailer. Because ESP does not sign the outer IP header, it can pass through NAT devices (provided NAT-T is enabled).

# Conceptual ESP Packet Structure
[ New IP Header ] [ ESP Header ] [ IV ] [ Encrypted Data ] [ ESP Trailer ] [ ESP Auth Tag ]

The Shift to ESP-Only Environments

In contemporary security architecture, the recommendation is to use ESP for everything. If you need authentication without encryption, you can technically configure ESP with a 'NULL' encryption algorithm, but you still benefit from the NAT compatibility and structural advantages of the ESP protocol.

• ▪Prioritize ESP over AH for all VPNs
• ▪Use AES-GCM for combined encryption/authentication
• ▪Disable AH in firewall rules to reduce attack surface
• ▪Ensure ESP Protocol 50 is permitted through edge firewalls