Mission-Critical Active Directory

This book does not contain a detailed discussion of the communications security features of Windows 2000. In this section we will explore the communications security protocols available in Windows 2000 and how they fit into the TCP/IP networking model. After this we will focus on two communications security areas for which Windows 2000 provides a lot of new features: virtual private networking and remote access security.
Communications security solutions can be applied at the different layers of the TCP/IP networking model. By applying several security solutions at different levels in the TCP/IP stack, a tighter and more solid security framework can be obtained. (This is an excellent example of the defense in depth principle, which was explained earlier in this chapter.) Figure 5.8 illustrates which layer is affected by the communications security protocols included in Windows 2000, as discussed in the following list: