Information security strategies protect data on servers and client computers, and also conceal and protect packets traversing insecure networks. Distributed security plans need to identify which information must be protected in the event computer equipment is lost or stolen. Also, types of network traffic that are sensitive or private and need to be protected from network sniffers must be included in the plan.
To keep network data packets confidential, Internet Protocol Security (IPSec) can be used to encrypt network traffic among some or all of the servers in an organization. IPSec provides the ability to set up authenticated and encrypted network connections between two computers. For example, an e-mail server can be configured to require secure communication with clients and thereby prevent a packet sniffer from reading e-mail messages between the clients and the server. IPSec is ideal for protecting data from existing applications that were not designed with security in mind.