Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 




Internet Security Association and Key Management Protocol (ISAKMP)


Complete Definition

Internet Security Association and Key Management Protocol (ISAKMP), a key protocol in the IPsec (Internet Security) architecture, combines the security concepts of authentication, key management and security associations to establish the required security for government, commercial and private communications on the Internet.


The Internet Security Association and Key Management Protocol (ISAKMP) defines procedures and packet formats to establish, negotiate, modify and delete Security Associations (SAs). SAs contain all the information required for execution of various network security services, such as the IP layer services (such as header authentication and payload encapsulation), transport or application layer services, or self-protection of negotiation traffic. ISAKMP defines payloads for exchanging key generation and authentication data. These formats provide a consistent framework for transferring key and authentication data independent of the key generation technique, encryption algorithm and authentication mechanism.


ISAKMP is distinct from key exchange protocols in order to cleanly separate the details of security association management (and key management) from the details of key exchange. There may be many different key exchange protocols, each with different security properties. However, a common framework is required for agreeing to the format of SA attributes and for negotiating, modifying and deleting SAs. ISAKMP serves as this common framework.


ISAKMP header.png


ISAKMP Wikipedia Definition



  • The OAKLEY Key Determination Protocol — RFC 2412
  • The Internet IP Security Domain of Interpretation for ISAKMP — RFC 2407
  • Internet and Key Management Protocol (ISAKMP) — RFC 2408


Also See:

Version history
Revision #:
2 of 2
Last update:
‎08-23-2017 01:10 PM
Updated by:
Labels (1)
Everyone's tags (2)