Communications can also be secured with encryption at higher levels of the OSI model. Well known examples of this type of protocol are SSL (Secure Socket Layer) mainly used for web browser connections, S/MIME (Secure Multipurpose Internet Mail Extensions) for e-mails and PGP (Pretty Good Privacy) for e-mails and files.
In all of the above protocols, an application handles the encryption of the data, for example the Web browser on one end and the HTTP server on the other.
A disadvantage of these protocols in the limitation to specific applications. In addition, a variety of keys is generally required for the different applications. The configuration must be managed on the individual computers and can not be administered conveniently on the gateways only, as is the case with IPsec. Security protocols at the application level tend to be more intelligent as they know the significance of the data being transferred: This of course makes them much more complex, however.
All of these layer-2 protocols only support end-to-end connections; they are therefore not suitable for connectivity entire networks.
On the other hand, these mechanisms do not require the slightest changes to the network devices or access software. And unlike protocols in lower network levels, they are still effective when the data content is already in the computer.
