Ipsec
IPsec
IPsec (outlined in RFC 2401) is a security enhancement to the IP and IPv6 protocols in Internet communication. Since IPsec is a combination of keyed-hash, symmetric cryptography as well as assymetric cryptography it's proper to make this a seperate section outlining all functions of the protocol here.
IPsec has three protocols Authenticated Header (AH), Encapsulating Security Payload (ESP), and IP Compression (IPComp). In a short explanation AH adds a message authentication check to the header ensuring integrity of the payload. ESP encrypts the payload following the IPsec header making it safer from sniffing, and also adds a message authentication check.
IPsec usually uses the IKE protocol to do symmetric key setup, and to provide authentication of end-points (vs authentication of individual packets).
OS Implementations
For GNU/Linux the popular implementation is openswan which is the result of the disbandment of freeswan.
FreeBSD IPsec requires you build it into your kernel, this will require:
options IPSEC options IPSEC_ESP
in /usr/src/sys/i386/conf/$YOUR_FIREWALL and a kernel recompile.
OpenBSD has a built-in IPsec stack. It has a daemon called isakmpd which speaks the ISAKMP/Oakley aka. IKE Key management protocol is used for establishing security associations (private encryption keys) between peers.
Microsoft WinXP Pro apparently has ipsec built in as well.