#1 Download computer science & engineering books free           #2 Display your sponsored posts here. Reach 20,000+ students. Contact: info[at]cpentalk.com for quote           #3 Take the Ultimate Trivia Quiz. See where you rank globally.
0 votes
in Computer Networks by (user.guest)

1 Answer

0 votes
by (user.guest)
Best answer

The given statement, “IPsec SA and IKE SA are same” is False.

• IPsec SA and IKE SA are not same.

• In the network layer, a logical connection is created between any two network entities before transmitting the IPsec datagrams. This logical connection is known as an IPsec security association (IPsec SA).

• For a large virtual private network (VPN), it is highly impossible to enter all the SA’s information manually into the Secure Association Databases (SADs) of IPsec entities (routers). To overcome this problem, an automated mechanism is provided to create SAs. This mechanism is known as Internet Key Exchange (IKE) protocol.

• The IKE is very much similar to SSL handshake and it establishes a SA in two phases. In the first phase, the two IPsec entities exchanges two message pairs. The first message exchange creates a bi-directional IKE SA, which provides a secure channel between two IPsec entities to establish a SA.

• The messages required to establish SA, are exchanged over the secured IKE SA channel.

If you found this answer helpful, please upvote and share with other students in your network.

Related questions

Welcome to CPEN Talk
Solution-oriented students of computer engineering on one platform to get you that


A diff between your code and Chuck Norris's is infinite.