Network security technologies built into iOS ensure that users are authorized and that their data is protected during transmission over Wi-Fi and cellular connections.
iOS network security supports:
Built-in Cisco IPSec, IKEv2, L2TP, PPTP
SSL VPN via App Store apps
Transport Layer Security (TLS v1.0, TLS v1.1, TLS v1.2) and DTLS
SSL/TLS with X.509 certificates
WPA/WPA2 Enterprise with 802.1X
RSA SecurID, CRYPTOCard
Many enterprise environments have some form of virtual private network (VPN). These VPN services typically require minimal setup and configuration to work with Apple devices, which integrate with many commonly used VPN technologies.
For more information, see the VPN overview section of this reference.
iOS supports SSL v3 and Transport Layer Security (TLS v1.0, 1.1, and 1.2). Safari, Calendar, Mail, and other Internet apps automatically use these protocols to enable an encrypted communication channel between iOS and OS X devices and corporate services.
iOS 9 or later and OS X El Capitan or later require a group of 1024 bits or larger when negotiating a TLS/SSL connection with Diffie-Hellman key exchange.
iOS 9 or later and OS X El Capitan or later also add support for TLS v1.2 in 802.1X authentication. Authentication servers that support TLS v1.2 may require updates for compatibility:
Apple devices support WPA2 Enterprise to provide authenticated access to your enterprise wireless network. WPA2 Enterprise uses 128-bit Advanced Encryption Standard (AES) encryption, so user data is protected when communicating over a Wi-Fi network.
With support for 802.1X, iOS devices can be integrated into a broad range of RADIUS authentication environments. iOS supports 802.1X wireless authentication protocols, including:
EAP-SIM (carrier only)
PEAPv0 (EAP-MSCHAPv2, the most common form of PEAP)
PEAPv1 (EAP-GTC, less common and created by Cisco)
For more information, see the Wi-Fi section of this reference.
FaceTime and iMessage encryption
iOS and OS X create a unique ID for each FaceTime and iMessage user, ensuring communications are encrypted, routed, and connected properly.