IP sec

By -

Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks. IPsec supports network-level peer authentication,such as secure the data sent between two computers, such as an application server and a database server. IPSec is completely transparent to applications because encryption, integrity and authentication services are implemented at the transport level. Applications continue to communicate with one another in the normal manner using TCP and UDP ports.

When two computers (peers) use IPsec to communicate, they create two kinds of security associations. In the first, called main mode or phase one, the peers mutually authenticate themselves to each other, thus establishing trust between the computers. In the second, called quick mode or phase two, the peers will negotiate the particulars of the security association, including how they will digitally sign and encrypt traffic between them.

The Internet Key Exchange (IKE) protocol is the mechanism by which IPsec security associations negotiate their protection suites and exchange signing or encryption keys. IKE defines how the peers communicate policy information and how authentication messages are constructed and exchanged.
 
In Windows 7, Windows Server 2008 R2, Windows Vista and Windows Server 2008, you can configure IPsec behavior by using the Windows Firewall with Advanced Security snap-in. In earlier versions of Windows, IPsec was a stand-alone technology separate from Windows Firewall
An IPSec policy consists of a set of filters, filter actions, and rules.
A filter consists of:
A source IP address or range of addresses.
A destination IP address or range of addresses.
An IP protocol, such as TCP, UDP, or "any."
Source and destination ports (for TCP or UDP only).
Filters can also be mirrored on two computers. A mirrored filter applies the same rule on client and server computer (with the source and destination addresses reversed).
A filter action specifies actions to take when a given filter is invoked. It can be one of the following:
Permit. The traffic is not secured; it is allowed to be sent and received without intervention.
Block. The traffic is not permitted.
Negotiate security. The endpoints must agree on and then use a secure method to communicate. If they cannot agree on a method, the communication does not take place. If negotiation fails, you can specify whether to allow unsecured communication or to whether all communication should be blocked.
A rule associates a filter with a filter action.
A mirrored policy is one that applies rules to all packets with the exact reverse of the specified source and destination IP addresses. A mirrored policy is created in this How To.

Comments

Post a Comment

Popular posts from this blog

Boot configuration Data Store --BCDEdit /set

By -
The  BCDEdit /set  command sets a boot entry option value in the Windows boot configuration data store (BCD). Use the  BCDEdit /set  command to configure specific boot entry elements, such as kernel debugger settings, data execution protection (DEP) and processor address extension (PAE) options, and to load alternate hardware abstraction layer (HAL) and kernel files. You can use these boot entry options when you are testing and debugging your driver for Windows Vista, Windows 7, and later versions of Windows. bcdedit /set [{ID}] datatype value Parameters [ { ID }] The  { ID }  is the GUID that is associated with the boot entry. If you do not specify an  { ID } , the command modifies the current operating system boot entry. If a boot entry is specified, the GUID associated with the boot entry must be enclosed in braces  { } . To view the GUID identifiers for all of the active boot entries, use the  bcdedit /enum  command. datatype value The fol
Read more

ADSI Edit

By -
Image
ADSI Edit (adsiedit.msc) Updated: March 19, 2010 Applies To: Windows SBS 2008, Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2 Active Directory® Service Interfaces Editor (ADSI Edit) is a Lightweight Directory Access Protocol (LDAP) editor that you can use to manage objects and attributes in Active Directory. ADSI Edit (adsiedit.msc) provides a view of every object and attribute in an Active Directory forest. You can use ADSI Edit to query, view, and edit attributes that are not exposed through other Active Directory Microsoft Management Console (MMC) snap-ins: Active Directory Users and Computers, Active Directory Sites and Services, Active Directory Domains and Trusts, and Active Directory Schema. This topic includes the following sections: Installing ADSI Edit Using ADSI Edit
Read more

Userenv logging (User Environment logging)

By -
When you enable userenv logging, you can perform debug logging of the user profile and the system policy processes. Userenv log files also contain information about the status of each Group Policy extension, such as Application Deployment, Security, and Folder Redirection. Userenv log files reveal what is occurring in the background as a user logs on   Userenv.log file located in the %SystemRoot%\Debug\UserMode folder Userenv log files contains information about the following: Group Policy settings that are not processed or not applied as expected Folder redirection that does not occur Profile or registry hive load, unload, or deletion failures Logon script, or script not applied as expected Default behaviors occurring because a slow link was detected Roaming profile issues Slow logon issues Whether a given GPO is accessible, and if not, why access was denied. The name of the domain controller that is accessing SYSVOL. The Userenv log has a maximum size of 1 megabyt
Read more