An encryption error monitoring system for checking packets transmitted
between a private network and an external network. The system includes
includes a detector module (60) which is connected to receive the packet
for determining whether or not the packet is successfully encrypted in
accordance with a specific security protocol such as IPSec (Internet
Protocol Security). The detector module reads from the packet a sender's
address and a destination address, and provides an error signal when the
packet is judged not to be successfully encrypted. A manager module (80)
is connected to the detector module within the private network to create,
upon receipt of the error signal, a report including the sender's address
and the destination address with regard to the packet judged not to be
successfully encrypted. The detector module is configured to have a judge
means (66) which reads a header of the packet and checks whether or not
the header includes a protocol code that matches with a particular code
identifying the specific security protocol. When the header does not
include the protocol code in match with the particular code, the judge
means provides the error signal to notify the encryption error. Thus, the
encryption error can be determined only by referring to the unencrypted
header and therefore without necessitating the decryption of the packet.
