Typical Security Enhancement Methods
1. Access prohibited (Block)
2. Allow access (Permit)
3. Authentication (Authenticate)
4. Tamper protection (Tamperproof)
5. Encryption (Encrypt)
IPSec is a group of protocols and services. IPSec provides a variety of security services for IP-level (that is, the network layer) communication. These security services include:
- Authentication: who are you talking to?
- Integrity: what you tell me and what I tell you arrives as originally sent, unchanged by anyone else.
- Confidentiality: others cannot understand what we are saying.
IPSec consists of three major protocols:
- Authentication Header (AH): ensures data integrity and prevents replay attacks.
- Encapsulating Security Payload (ESP): ensures data integrity, prevents replay attacks, and encrypts data.
- Internet Key Exchange (IKE): provides the infrastructure for key exchange and negotiation.
IPSec supports two modes for converting an original IP packet into a protected IP packet: transport mode and tunnel mode. Knowing how these two modes work gives you a basic understanding of IPSec.
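How the three protocols and the two modes appear on the wire, as an added example that is not part of the original page: it classifies a raw IPv4 packet by IP protocol number (ESP is 50, AH is 51, IKE runs over UDP 500) and reads the mode from AH's Next Header field. The sample packets are constructed, with placeholder ICV and ciphertext bytes, and all function and variable names are this example's own.

```python
import socket
import struct

# IANA IP protocol numbers; INNER_IP = IPv4-in-IP and IPv6-in-IP
UDP, ESP, AH = 17, 50, 51
INNER_IP = (4, 41)

def classify_ipsec(packet: bytes) -> dict:
    """Classify a raw IPv4 packet as AH, ESP, IKE or unprotected."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto, body = packet[9], packet[ihl:]
    if proto == AH:
        if len(body) < 12:
            raise ValueError("truncated AH header")
        next_hdr, _len, _rsvd, spi, seq = struct.unpack("!BBHII", body[:12])
        # AH is unencrypted: an inner IP header as Next Header means tunnel mode.
        mode = "tunnel" if next_hdr in INNER_IP else "transport"
        return {"protocol": "AH", "mode": mode, "spi": spi, "seq": seq}
    if proto == ESP:
        if len(body) < 8:
            raise ValueError("truncated ESP header")
        spi, seq = struct.unpack("!II", body[:8])
        # ESP's Next Header is in the encrypted trailer: mode is not visible.
        return {"protocol": "ESP", "mode": None, "spi": spi, "seq": seq}
    if proto == UDP and len(body) >= 8:
        sport, dport = struct.unpack("!HH", body[:4])
        if 500 in (sport, dport):         # IKE negotiates over UDP 500
            return {"protocol": "IKE", "mode": None, "spi": None, "seq": None}
    return {"protocol": "none", "mode": None, "spi": None, "seq": None}

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0) for the samples."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton("192.0.2.1"),
                       socket.inet_aton("192.0.2.2")) + payload

# Constructed samples: a plain TCP packet and its protected forms.
TCP_SEG = b"\x00" * 20
PLAIN = ipv4(6, TCP_SEG)
ICV = b"\x00" * 12                        # placeholder integrity check value
AH_TRANSPORT = ipv4(AH, struct.pack("!BBHII", 6, 4, 0, 0x1001, 1) + ICV + TCP_SEG)
AH_TUNNEL = ipv4(AH, struct.pack("!BBHII", 4, 4, 0, 0x1002, 1) + ICV + PLAIN)
ESP_PKT = ipv4(ESP, struct.pack("!II", 0x2001, 7) + b"\xaa" * 32)
IKE_PKT = ipv4(UDP, struct.pack("!HHHH", 500, 500, 36, 0) + b"\x00" * 28)

if __name__ == "__main__":
    for name in ("PLAIN", "AH_TRANSPORT", "AH_TUNNEL", "ESP_PKT", "IKE_PKT"):
        print(name, classify_ipsec(globals()[name]))
```

The classifier only reads headers and does not verify the ICV; IKE and ESP encapsulated in UDP 4500 for NAT traversal are not handled.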
Related tools
IPSec management snap-in
Netsh IPSec
Netsh -c "advfirewall consec" show rule name=all type=dynamic
Netsh -c "advfirewall firewall" show rule name=all type=dynamic
Ipseccmd.exe
Network Monitor