Section 5. Implementing IPSec-Encrypted Transport Communications
IPSec encryption provides a security system that encrypts communications from a server to a workstation client system. Rather than using a shared key described earlier in this text, the use of Kerberos encryption managed by an Active Directory group policy provides a simple method of encrypting communications between client systems and servers.
Note
In this case we're using Kerberos for the encrypted authentication method instead of certificates. The reason is that Active Directory does not store a central directory of user certificates that can be distributed by Group Policy for automatic IPSec configuration. However, Windows Active Directory does provide Kerberos for automatic ...
Get Encryption in a Windows Environment: EFS File, 802.1x Wireless, IPSec Transport, and S/MIME Exchange now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.