Openswan is an implementation of the IPSec & IKE protocols for Linux. These protocols allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end.

One result is Virtual Private Network or VPN. This is a restricted access, access controlled network which uses the public Internet as a transport media. Effectively private even though it includes machines at several different sites connected by the insecure Internet.

Another result is ubiquitous privacy through Opportunistic Encryption. OE provides for privacy among large groups of mutually suspicious hosts. OE is appropriate when the access control and authentication will occur in another protocol (such as SIP), but privacy is desired.