\begin{frame}[fragile]
\frametitle{IPsec}
\begin{itemize}
\item packet encapsulation in OSI Layer 2
\item Linux Kernel provides IPsec implementation
\item exploit Cryptographic Framework in Kernel
\item supported modes:
  \begin{itemize}
  \item Transport: only the payload is encrypted (IP header is left unchanged)
  \item Tunneling: IP header and payload is encrypted
  \end{itemize}
\item very high security rating
\item basis for large network-infrastructures
\end{itemize}
\end{frame}