Did you notice I said “IP-based network”? That’s really important because by itself, IPSec can’t be used to encrypt non-IP traffic. This means that if you run into a situation where you have to encrypt non-IP traffic, you’ll need to create a GRE tunnel for it and then use IPSec to encrypt that tunnel!
An IPSec transform specifies a single security protocol with its corresponding security algorithm; without these transforms, IPSec wouldn’t be able to give us its glory. It’s important to be familiar with these technologies, so let me take a second to define the security protocols and briefly introduce the supporting encryption and hashing algorithms that IPSec relies upon.