Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NC: ESP vs. oNCP : Which one offers the best security criteria?

SOLVED
Go to solution
Seb_
New Contributor
‎08-20-2008 11:31:PM
‎08-20-2008 11:31:PM

NC: ESP vs. oNCP : Which one offers the best security criteria?

Hi,
One of my customers is asking us what is different in term of security when using ESP transport mode for NC instead of using the default oNCP.
My point of view is that ESP should be more secure because the symmetric encryption key is changed after a given time or a given amount of tranmitted data. This makes replay attacks much more complicated.
What is your opinion?
Thanks in advance
Seb
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Kifah_
Occasional Contributor
‎08-22-2008 06:14:AM
‎08-22-2008 06:14:AM

Re: NC: ESP vs. oNCP : Which one offers the best security criteria?

Hi,

I think that there is not a big difference from the security view. ESP has a better performance than oNCP. So if you use VoIP i would recommend ESP.

Greetings

Kifah

View solution in original post

0 Kudos
5 REPLIES 5
Jickfoo_
Super Contributor
‎08-21-2008 06:32:AM
‎08-21-2008 06:32:AM

Re: NC: ESP vs. oNCP : Which one offers the best security criteria?

I'd vote for ESP for the simple fact that it uses udp.. Less prone to port scans and the like and it's faster.

0 Kudos
Kifah_
Occasional Contributor
‎08-22-2008 06:14:AM
‎08-22-2008 06:14:AM

Re: NC: ESP vs. oNCP : Which one offers the best security criteria?

Hi,

I think that there is not a big difference from the security view. ESP has a better performance than oNCP. So if you use VoIP i would recommend ESP.

Greetings

Kifah

0 Kudos
Seb_
New Contributor
‎08-25-2008 02:04:AM
‎08-25-2008 02:04:AM

Re: NC: ESP vs. oNCP : Which one offers the best security criteria?

Ok, thanks for your opinion.
If somebody has a more detailled explanation, it will be the welcome.
Best regards
Seb
0 Kudos
Dan_Smart_
Occasional Contributor
‎08-27-2008 12:19:PM
‎08-27-2008 12:19:PM

Re: NC: ESP vs. oNCP : Which one offers the best security criteria?

ESP has 1.5X the performance of NCP. Use ESP always.

-=Dan=-

0 Kudos
applmott_
Occasional Contributor
‎11-11-2008 10:57:AM
‎11-11-2008 10:57:AM

Re: NC: ESP vs. oNCP : Which one offers the best security criteria?

I would not recommend always using ESP. In fact, there are cases where the packet size of ESP can do some very funky things to routers (WRT, DLINK). We have had numerous reports of faulty DNS, packet loss, etc. when using ESP transport mode. The benefit to using NCP/oNCP is that you have a lot more flexibility because it rides over TCP (connection-oriented, retransmission of lost packets) so if you don't need to run stream-dependent traffic like VoIP or streaming media, NCP can in fact be just as effective to the end-users.

Hope that helps.

-C

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.