SA and Key Management with IKE Protocol
As mentioned previously, IKE stands for Internet Key Exchange, the protocol defined by RFC 2409. It is used primarily to exchange keying material and to establish security associations (SAs). Both the keying material and the security associations can be configured manually, but manual configuration does not scale to large deployments. IKE addresses this issue, which makes it a must for such deployments.
IKE is a two-phase protocol:
More detailed discussion follows in subsequent sections.