Benefits of IPsec
IPsec is a suite of protocols that allows secure, encrypted communication between two computers over an unsecured network
• IPsec has two goals: to protect IP packets and to defend against network attacks
• Configuring IPsec on sending and receiving computers enables the two computers to send secured data to each other
• IPsec secures network traffic by using encryption and data signing
• An IPsec policy defines the type of traffic that IPsec examines, how that traffic is secured and encrypted, and how IPsec peers are authenticated
Recommended Uses of IPsec
Recommended uses of IPsec include:
• Authenticating and encrypting host-to-host traffic
• Authenticating and encrypting traffic to servers
• L2TP/IPsec for VPN connections
• Site-to-site tunneling
• Enforcing logical networks
Tools Used to Configure IPsec
To configure IPsec, you can use:
• Windows Firewall with Advanced Security MMC (used for Windows Server 2008 and Windows Vista)
• IP Security Policy MMC (used for mixed environments and to configure policies that apply to all Windows versions)
• Netsh command-line tool
What Are Connection Security Rules?
Connection security rules involve:
• Authenticating two computers before they begin communications
• Securing information being sent between two computers
• Using key exchange, authentication, data integrity, and data encryption (optionally)
How firewall rules and connection rules are related:
• Firewall rules allow traffic through, but do not secure that traffic
• Connection security rules can secure the traffic, but creating a connection security rule does not allow traffic through the firewall
Demonstration: Configuring General IPsec Settings
In this demonstration, you will see how to configure General IPsec settings in Windows Firewall with Advanced Security
Determining a Usage Profile
Windows supports three network types, and programs can use these locations to automatically apply the appropriate configuration options:
• Domain: selected when the computer is a domain member
• Private: networks trusted by the user (home or small office network)
• Public: the default for newly detected networks; usually the most restrictive settings are assigned because of the security risks present on public networks
Security settings can change dynamically with the network location type. The network location type is most useful on portable computers, which are likely to move from network to network
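The following is an added example, not part of the course material, that ties together the Netsh tool, the general IPsec settings covered in the demonstration, the connection security rule versus firewall rule distinction, and the domain profile. It uses the netsh advfirewall context from an elevated prompt; the subnet, rule names and file-server role are constructed assumptions.

```powershell
# Added example (not from the course deck). Run from an elevated PowerShell
# prompt on a domain-joined Windows Server 2008 / Vista or later machine.
# The 10.0.10.0/24 file-server subnet and the rule names are assumptions.

# --- General IPsec settings (what the "Configuring General IPsec Settings"
# demonstration does in the MMC). Main mode is IKE phase 1: the key exchange
# group, the encryption and integrity algorithms, and the main mode SA lifetime.
netsh advfirewall set global mainmode mmsecmethods dhgroup14:aes128-sha256
netsh advfirewall set global mainmode mmkeylifetime 480min,0sess
# Exempt only ICMP from IPsec so ping still works while troubleshooting peers.
netsh advfirewall set global ipsec defaultexemptions icmp

# --- Connection security rule: authenticate both computers with Kerberos
# (computer account, auth1=computerkerb) before any data flows, then protect
# the data with ESP using SHA-1 integrity and AES-128 encryption (quick mode).
# action=requireinrequestout: inbound traffic from the subnet MUST be secured;
# outbound is secured when the peer can negotiate it, otherwise sent in clear.
# profile=domain limits the rule to the Domain network location type.
netsh advfirewall consec add rule name=IPsec-FileServers `
    endpoint1=any endpoint2=10.0.10.0/24 `
    action=requireinrequestout `
    auth1=computerkerb `
    qmsecmethods=esp:sha1-aes128+60min+100000kb `
    profile=domain

# --- A connection security rule alone lets nothing through the firewall.
# This inbound firewall rule is what permits SMB (TCP 445), and
# security=authenc makes it accept the connection only when IPsec has both
# authenticated and encrypted it; unprotected SMB is still blocked.
netsh advfirewall firewall add rule name=Allow-SMB-over-IPsec `
    dir=in action=allow protocol=TCP localport=445 `
    security=authenc profile=domain

# --- Verify the configuration, then the negotiated SAs once a peer connects.
netsh advfirewall show global
netsh advfirewall consec show rule name=IPsec-FileServers
netsh advfirewall monitor show mmsa
netsh advfirewall monitor show qmsa
```

If the quick mode SA list stays empty while clients in the subnet connect, the peer is usually missing a matching connection security rule or failed Kerberos computer authentication, which the Security event log records.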