MCSA/MCSE Self-Paced Training Kit (Exam 70-214): Implementing and Administering Security in a Microsoft Windows 2000 Network (Pro-Certification)

Chapter 8

IP Security

About This Chapter

Internet Protocol security (IPSec) is an Internet Engineering Task Force (IETF) body of standards that defines a protocol for authenticating and encrypting IP traffic between hosts on an IP network. IPSec allows the hosts to negotiate encryption and authentication methods that are compatible with both the Internet and private IP networks, and appropriate for the type of traffic flowing over the connection.

IPSec operates at the network layer as a component of IP. Any intermediate gateway that can route IP packets can pass IPSec traffic, and IPSec can encapsulate IP to create private tunnels for secure point-to-point communications on the Internet. Because it operates at the network layer, it is transparent to higher-level programs and can be added to supplement security for any network application.

Because it is so flexible, configuring IPSec is complex and multifaceted. You use a number of tools to perform configuration and troubleshooting, and there is usually more than one way to accomplish the same goal.

Ensure that you understand the role of IPSec in a network, why you would deploy AH and ESP, and the different methods used to distribute IPSec keys.

Before You Begin

To complete this chapter, you will need

All three of these servers should be on the same local network. You can modify the IP addresses if desired, but remember to use the revised addresses consistently throughout the exercises in this chapter.
