Chapter 11. Protecting Network Communications with Internet Protocol Security
It is not uncommon for communications across untrusted networks to be protected using VPNs, SSL, and S/MIME to provide confidentiality (keeping information secret), integrity (making sure the information sent is the information received), and authentication (ensuring that communications are coming from who and where they claim to come from). Firewalls act as the demarcation points between public and private networks. Many organizations ignore security in their private networks. As an IT professional, you may have been taught to regard internal communications as “trusted” (that is, free from malicious attack or unauthorized capture and monitoring). However, today, you cannot afford to do so. Self-propagating malware, disgruntled and clueless employees, and attacks that pierce perimeter defenses (or navigate around them), all provide ample motivation for protecting internal communications. In a modern Windows network, you can protect communications using Internet Protocol Security (IPSec).
IPSec, an Internet standard protocol, is built into the TCP/IP stack of Windows 2000, Windows XP, and Windows Server 2003. It can be used to do the following:
- Prevent an individual computer from receiving external communications
IPSec can be used to block all communications from specific computers, some types of communication from specific computers, or some types of communications from all computers. For example, using IPSec, ...
Get Windows Server 2003 Network Administration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.