<Ul> <Li> </Li> <Li> </Li> <Li> </Li> </Ul> <P> In computing, Internet Protocol Security (IPsec) is a network protocol suite that authenticates and encrypts the packets of data sent over a network . IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to use during the session . IPsec can protect data flows between a pair of hosts (host - to - host), between a pair of security gateways (network - to - network), or between a security gateway and a host (network - to - host). Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks . IPsec supports network - level peer authentication, data - origin authentication, data integrity, data confidentiality (encryption), and replay protection . </P> <P> IPsec is an end - to - end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers at the Transport Layer (TLS) and the Application layer (SSH). IPsec can automatically secure applications at the IP layer . </P> <P> In the late 1980s, US NIST developed a set of security protocols for the Internet . One of these, Security Protocol at layer - 3 (SP3) was implemented in IP encryption devices sold by Motorola . The IPsec Encapsulating Security Payload (ESP) is a direct derivative of the SP3 protocol . In 1992, both research and implementation began at the US Naval Research Laboratory (NRL) on IP encryption . This NRL work ultimately led to the IP Security protocols standardized by the Internet Engineering Task Force (IETF). Later, in December 1993, the Software IP Encryption protocol swIPe (protocol) was researched at Columbia University and AT&T Bell Labs by John Ioannidis and others . </P>

Where does ipsec reside in a protocol stack