Managing and Maintaining IPSec Policy

IPSec policies are stored and available for domain-wide access. When you create an IPSec policy in one GPO, you can edit other GPOs in a site, domain, or OU and assign the IPSec policy within those GPOs as well.

Activating and Deactivating IPSec Policies

Within Active Directory domains and on local computers, there are three default IPSec policies:

  • Server (Request Security). Any server processing this policy will request secure communications from all clients. Secure communications will not be required, however, if a client does not support it. For example, Windows NT 4.0 clients are not IPSec-aware and cannot support IPSec.

  • Client (Respond Only). Any client processing this policy will communicate unsecured normally ...

Get Microsoft® Windows® Group Policy Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.