Chapter 11. Protecting Network Communications with Internet Protocol Security

It is not uncommon for communications across untrusted networks to be protected using VPNs, SSL, and S/MIME to provide confidentiality (keeping information secret), integrity (making sure the information sent is the information received), and authentication (ensuring that communications are coming from who and where they claim to come from). Firewalls act as the demarcation points between public and private networks. Many organizations ignore security in their private networks. As an IT professional, you may have been taught to regard internal communications as “trusted” (that is, free from malicious attack or unauthorized capture and monitoring). Today, however, you cannot afford to do so. Self-propagating malware, disgruntled and clueless employees, and attacks that pierce perimeter defenses (or navigate around them) all provide ample motivation for protecting internal communications. In a modern Windows network, you can protect communications using Internet Protocol Security (IPSec).

IPSec, an Internet standard protocol, is built into the TCP/IP stack of Windows 2000, Windows XP, and Windows Server 2003. It can be used to do the following:

Prevent an individual computer from receiving external communications

IPSec can be used to block all communications from specific computers, some types of communication from specific computers, or some types of communications from all computers. For example, using IPSec, ...
