Monday, 5 November 2007

IPsec (MCP Series)

IPsec is a suite of protocols designed to secure IP traffic. IPsec can be activated on a computer using the local security policy, the domain controller security policy, or Group Policy (the local computer security policy is shown below in figure 1).


Figure 1: Configuring IPSec using the local computer policy.

There are three default IPSec policies:
  • Secure Server (Requires IPSec) – can be assigned to any Windows 2000 or later OS.
  • Server (Requests IPSec).
  • Client (Respond only).
The default policies are shown in figure 1.
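The three default policies only make sense in combination: what happens between two hosts depends on which side starts a negotiation, which side answers, and whether either side refuses to talk without IPsec. The model below is an added example written for this post, not Microsoft's code. It takes the policy names at face value ("Requires" always negotiates and drops traffic when negotiation fails, "Requests" negotiates but falls back to cleartext when the peer does not answer, "Respond only" never starts a negotiation but answers one) and adds a fourth case, a host with no policy assigned, so the full matrix can be inspected. The fallback-to-cleartext behaviour of the Server policy is an assumption stated in the code.

```python
"""Added example: outcomes of the three default Windows IPsec policies in combination.

This is a model of the policy names, not Microsoft's implementation. The
"Server (Request)" fallback to unsecured traffic is an assumption (the
default "allow unsecured communication with non-IPsec-aware computers" style
behaviour); "Secure Server (Require)" is modelled as refusing any traffic
that could not be secured.
"""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Policy:
    name: str
    initiates: bool  # starts a negotiation for traffic that matches its filters
    requires: bool   # refuses to send or accept traffic that is not secured
    responds: bool   # answers a negotiation started by the peer


# The three default policies from the post, plus a host with nothing assigned.
SECURE_SERVER = Policy("Secure Server (Require Security)", initiates=True, requires=True, responds=True)
SERVER = Policy("Server (Request Security)", initiates=True, requires=False, responds=True)
CLIENT = Policy("Client (Respond Only)", initiates=False, requires=False, responds=True)
NONE = Policy("No IPsec policy assigned", initiates=False, requires=False, responds=False)

ALL_POLICIES = (SECURE_SERVER, SERVER, CLIENT, NONE)


def negotiate(a: Policy, b: Policy) -> str:
    """Outcome for traffic between hosts a and b: 'secured', 'cleartext' or 'blocked'.

    A security association is established as soon as one side initiates and
    the other side is willing to respond, regardless of which host opened the
    TCP connection. If nobody negotiates successfully, a side that requires
    IPsec drops the traffic; otherwise it flows in the clear.
    """
    negotiated = (a.initiates and b.responds) or (b.initiates and a.responds)
    if negotiated:
        return "secured"
    if a.requires or b.requires:
        return "blocked"
    return "cleartext"


def outcome_matrix(policies=ALL_POLICIES):
    """Every ordered pair of policies and the resulting outcome."""
    return {(a.name, b.name): negotiate(a, b) for a, b in product(policies, repeat=2)}


def silent_cleartext_pairs(policies=ALL_POLICIES):
    """Pairs where at least one side has a policy assigned yet traffic still goes unprotected.

    These are the combinations an administrator tends to overlook: a policy is
    assigned, the event log stays quiet, and the traffic is nevertheless in the clear.
    """
    return sorted(
        (a.name, b.name)
        for a, b in product(policies, repeat=2)
        if negotiate(a, b) == "cleartext" and (a is not NONE or b is not NONE)
    )


if __name__ == "__main__":
    for (left, right), result in outcome_matrix().items():
        print(f"{left:34} <-> {right:34} : {result}")
    print("\nAssigned-but-unprotected pairs:")
    for pair in silent_cleartext_pairs():
        print("  ", pair)
```

Running the block prints the 4x4 matrix; the `silent_cleartext_pairs` list is the part worth checking on a real network, since a "Client (Respond only)" host talking to another "Client" host, or a "Server (Request)" host talking to an unmanaged host, ends up in cleartext without any error.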



There are three security methods available when using IPSec. They are (also shown in figure 2):
  • AH – Authentication Header provides data integrity protection (the payload stays readable on the wire).
  • ESP – Encapsulating Security Payload provides data integrity and encryption.
Figure 2: Security methods available when using IPSec.
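The practical difference between AH and ESP is easiest to see by looking at what a third party on the wire can read from each packet. The code below is an added example for this post, not code from the original page or from any IPsec implementation. It constructs one AH-protected and one ESP-protected packet over a made-up payload and a made-up key, then parses them from two viewpoints: an observer without the key, and the peer that holds it. The AH integrity check value (ICV) is a simplified HMAC over the AH header and payload (real AH also covers the immutable fields of the outer IP header), and the ESP "cipher" is an HMAC-SHA256 keystream standing in for AES so that the example runs with only the standard library; neither is a real IPsec transform.

```python
"""Added example: what an observer sees with AH versus ESP (constructed packets, toy transforms)."""
import hashlib
import hmac
import struct

PROTO_UDP = 17  # IANA protocol number carried in the Next Header field
ICV_LEN = 12    # truncated 96-bit ICV, the length used by HMAC-SHA1-96 in AH/ESP
KEY = b"constructed-demo-key-not-for-real-use"  # constructed; a real SA key comes from IKE


def build_ah(spi, seq, payload, next_header=PROTO_UDP):
    """AH (RFC 4302 layout): next header, payload len, reserved, SPI, seq, ICV, then clear payload."""
    # Payload Length counts 32-bit words of the AH header minus 2: (12 + 12) / 4 - 2 = 4
    payload_len = (12 + ICV_LEN) // 4 - 2
    header = struct.pack("!BBHII", next_header, payload_len, 0, spi, seq)
    icv = hmac.new(KEY, header + payload, hashlib.sha1).digest()[:ICV_LEN]
    return header + icv + payload


def parse_ah(packet):
    """Anyone can read the payload; only the key holder can confirm it was not altered."""
    next_header, payload_len, _reserved, spi, seq = struct.unpack("!BBHII", packet[:12])
    ah_total = (payload_len + 2) * 4
    icv, payload = packet[12:ah_total], packet[ah_total:]
    expected = hmac.new(KEY, packet[:12] + payload, hashlib.sha1).digest()[:ICV_LEN]
    return {"spi": spi, "seq": seq, "next_header": next_header,
            "payload": payload, "icv_ok": hmac.compare_digest(icv, expected)}


def _keystream(spi, seq, length):
    """Toy keystream: HMAC-SHA256(KEY, spi || seq || counter) blocks. Stand-in for AES, not ESP's cipher."""
    blocks, counter = b"", 0
    while len(blocks) < length:
        blocks += hmac.new(KEY, struct.pack("!IIQ", spi, seq, counter), hashlib.sha256).digest()
        counter += 1
    return blocks[:length]


def build_esp(spi, seq, payload, next_header=PROTO_UDP):
    """ESP (RFC 4303 layout): SPI, seq, encrypted [payload | padding | pad len | next header], ICV."""
    pad_len = (-(len(payload) + 2)) % 4        # trailer must end on a 4-byte boundary
    padding = bytes(range(1, pad_len + 1))     # RFC 4303 default padding pattern 1, 2, 3, ...
    plaintext = payload + padding + bytes([pad_len, next_header])
    header = struct.pack("!II", spi, seq)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(spi, seq, len(plaintext))))
    icv = hmac.new(KEY, header + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    return header + ciphertext + icv


def parse_esp_as_observer(packet):
    """Without the key only the SPI and sequence number are meaningful; the rest is opaque."""
    spi, seq = struct.unpack("!II", packet[:8])
    return {"spi": spi, "seq": seq, "opaque": packet[8:]}


def parse_esp_as_peer(packet):
    """The peer verifies the ICV before decrypting, then strips the trailer. Returns None on tampering."""
    spi, seq = struct.unpack("!II", packet[:8])
    header, ciphertext, icv = packet[:8], packet[8:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(KEY, header + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None
    plaintext = bytes(c ^ k for c, k in zip(ciphertext, _keystream(spi, seq, len(ciphertext))))
    pad_len, next_header = plaintext[-2], plaintext[-1]
    payload = plaintext[:len(plaintext) - 2 - pad_len]
    return {"spi": spi, "seq": seq, "next_header": next_header, "payload": payload}


if __name__ == "__main__":
    sample = b"constructed UDP payload: hello"   # constructed sample data
    ah, esp = build_ah(0x100, 1, sample), build_esp(0x200, 1, sample)
    print("AH  payload visible on the wire:", sample in ah)
    print("ESP payload visible on the wire:", sample in esp)
    print("AH  parsed:", parse_ah(ah))
    print("ESP observer view:", parse_esp_as_observer(esp))
    print("ESP peer view:", parse_esp_as_peer(esp))
```

Flipping any byte of either packet makes the ICV check fail, which is the integrity guarantee both protocols give; only ESP additionally keeps the payload out of the observer's view, which is why the post pairs "integrity" with AH and "integrity and encryption" with ESP.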

There are three IPSec authentication methods. They are (also shown in figure 3):
  • Kerberos (Active Directory) – most secure; use for computers in the same AD forest.
  • Certificates – secure; use for computers not in the same forest.
  • Preshared key – a plain-text password stored on both computers; least secure.
Figure 3: IPSec Authentication Protocols.

Additional Information:

  • IPSec is a layer 3 protocol and can be used to secure TCP and UDP traffic. IPSec is often used for VPN connections.
  • ISAKMP (Internet Security Association and Key Management Protocol) is a protocol for establishing Security Associations (SA) – Wikipedia.
  • The Oakley Key Determination Protocol is a key-agreement protocol that allows authenticated parties to exchange keying material across an insecure connection – Wikipedia.
