A Virtual Private Network (VPN) is a network that employs encrypted tunnels to exchange securely protected data. Deep Edge creates encrypted tunnels by using the Internet Key Exchange (IKE) and IP Security (IPsec) protocols. IKE creates the VPN tunnel, and this tunnel is used to transfer IPSec encoded data.

Think of IKE as the process that builds a tunnel, and IPSec packets as trucks that carry the encrypted data along the tunnel.

Deep Edge units implement the Encapsulated Security Payload (ESP) protocol. The encrypted packets look like ordinary packets that can be routed through any IP network.

IKE is performed automatically based on pre-shared keys or X.509 digital certificates. As an option, you can specify manual keys. Interface mode, supported in NAT/Route mode only, creates a virtual interface for the local end of a VPN tunnel.