MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure: Exam 70-293 Study Guide

Securing sensitive or mission-critical data is an important part of the network administrator s job. Data is especially vulnerable to interception as it travels across the network. Windows Server 2003 includes Microsoft s implementation of the Internet standard IP Security (IPSec) protocol, for the purpose of protecting data in transit. This chapter deals with how to work with Windows Server 2003 s IPSec. We start by introducing IPSec terminology and concepts and explaining how IPSec works under the hood to secure data in transit over the network. We discuss the purposes of IPSec encryption: authentication, integrity, and confidentiality. You ll learn about how IPSec operates in either of two modes: tunnel or transport.
Although we refer to IPSec as a protocol, it is actually a framework, or a collection of protocols and standards designed to protect IP data in transit. In this chapter, you ll learn about the protocols used by IPSec. These include the two primary protocols: the Authentication Header (AH) protocol and the Encapsulating Security Payload (ESP) protocol. We ll also discuss the roles of additional protocols used by IPSec, including the Internet Security and Key Management Protocol (ISAKMP), Internet Key Exchange (IKE), the Oakley key-determination protocol, and the Diffie-Hellman key-agreement protocol. You ll learn about Windows Server 2003 s IPSec components the IPSec driver and the IPSec Policy Agent service. We ll also discuss the relationship of IPSec to Internet Protocol version 6 (IPv6).
Next, we ll show you how to deploy IPSec on your network, taking into consideration organizational needs and security levels, and help...