O'Reilly logo

Windows Server® 2008 Networking and Network Access Protection (NAP) by Microsoft Networking Team, Tony Northrup, Joseph Davies

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Deploying IPsec Enforcement

The deployment of IPsec enforcement consists of the following tasks:

  • Configuring Active Directory

  • Configuring PKI

  • Configuring HRAs

  • Configuring NAP health policy servers

  • Configuring remediation servers on the boundary network

  • Configuring NAP clients

  • Configuring and applying IPsec policies

Configuring Active Directory

To configure Active Directory for IPsec enforcement, do the following:

  • Add an IPsec exemption group for computers in the boundary network.

  • Create groups or OUs for boundary and secure network computers.

To Add an IPsec Exemption Group

  1. In the console tree of the Active Directory Users And Computers snap-in, right-click your domain name, point to New, and then click Group.

  2. In the Group Name box, type the name (such as ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required