How do I turn IPsec on a Win2k3 domain?

How do I turn IPsec on a Win2k3 domain?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
How do I turn IPsec on a Win2k3 domain? SW 07-15-2005
Posted by =?Utf-8?B?U1c=?= on July 15, 2005, 4:45 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi, I have heard is good to turn IPsec on over the Win2k3 network? I
remember ages ago a former support guy said we don't use it, but I thought it
was used as a default. Should we use it? If so how?

Thanks

A

Posted by Miha Pihler [MVP] on July 15, 2005, 3:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi,

IPSec can be provide a good layer of security but it may not necesarly be
easy to setup (it requires some planning). E.g. if you print directly to
network printers and you just turn on the IPSec good chance is you won't be
able to print (since you can't establish IPSec connection with the
printer)...

Here are some very good information on how to setup IPSec in your network...

Server and Domain Isolation Using IPsec and Group Policy
http://www.microsoft.com/technet/security/topics/architectureanddesign/ipsec/default.mspx

Server and Domain Isolation Using IPsec and Group Policy
http://www.microsoft.com/downloads/details.aspx?FamilyId=404FB62F-7CF7-48B5-A820-B881F63BC005&displaylang=en

Improving Security with Domain Isolation
http://www.microsoft.com/technet/itsolutions/msit/security/ipsecdomisolwp.mspx

IPsec
http://www.microsoft.com/windowsserver2003/technologies/networking/ipsec/default.mspx

I hope it helps you out,

--
Mike
Microsoft MVP - Windows Security

> Hi, I have heard is good to turn IPsec on over the Win2k3 network? I
> remember ages ago a former support guy said we don't use it, but I thought
> it
> was used as a default. Should we use it? If so how?
>
> Thanks
>
> A



Posted by Roger Abell on July 15, 2005, 6:43 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Yes, good advantage can be had for many environments.
Mike has given you the right links - note that the "isolation"
papers are rather recent publications.
Also, as you indicate W2k3 you should look at using the
SCW (security configuration wizard) which can help you
tighten use of the SP1 firewall.
--
Roger Abell
Microsoft MVP (Windows Security)

> Hi, I have heard is good to turn IPsec on over the Win2k3 network? I
> remember ages ago a former support guy said we don't use it, but I thought
it
> was used as a default. Should we use it? If so how?
>
> Thanks
>
> A



Similar ThreadsPosted
Re: Viewing Win2k3 Event logs remotely in a Win2k Domain May 26, 2005, 5:50 pm
IPSEC with non-domain Server September 15, 2005, 5:02 pm
getting IPSec Certificates for VPN access for non domain members January 4, 2007, 11:02 am
Domain Isolation and non-windows IPSec capable systems September 5, 2007, 5:56 am
How does domain isolation with Windows 2003 IPsec happen? October 28, 2008, 11:56 pm
domain users added to local administrators cannot use the IPSEC certification of administrator? February 9, 2006, 12:26 am
Can IPSec connect 2 VPN Clients or is ALWAYS an IPSec server needed ? July 25, 2005, 3:40 pm
NT4 to Win2K3 July 19, 2005, 12:35 pm
using secpol.msc on win2k3 September 29, 2006, 12:00 am
windows FW turn off thru GPO March 7, 2006, 6:57 am

The site map in XML format XML site map

Contact Us | Privacy Policy