This might be used for a file server that must serve both IPSec-aware (Windows 2000) clients and non-IPSec-aware clients (such as Windows 9.x and NT). If a connection is established with an IPSec-aware computer, the session will be secure. Unsecured sessions will be established with non-IPSec-aware computers. This allows greater flexibility during the transition from mixed Windows networks to native Windows 2000 networks.
The Secure Server (Require Security) policy is used when all communications with a particular server need to be secured. Examples include file servers with high-impact information and security gateways at either end of an L2TP/IPSec tunnel. The server with the Secure Server policy will always request a secure channel. Connections will be denied to computers not able to respond to the request.
Security policies are bi-directional. If our Secure Server attempts to connect to non-IPSec-aware network servers such as DNS, WINS, or DHCP servers, the connection will fail. It is imperative that you test all scenarios in a lab that simulates your live network before you implement IPSec policies on your live network. During the testing phase you must assiduously check the event logs to ascertain what services fail because of IPSec policies.
Rules
An IPSec policy has three main components: IP security rules, IP filter lists, and IP filter actions.
Double-click the Server Policy to see the Server (Request Security) Properties sheet, as shown in Figure 7.7.
http://corpitk.earthweb.com/reference/pro/1928994024/ch07/07-06.html (2 of 3) [8/3/2000 6:54:23 AM]
Configuring Windows 2000 Server Security:IP Security for Microsoft Windows 2000 Server
Figure 7.7 This is the Server (Request Security) Properties sheet.
Rules are applied to computers that match criteria specified in a filter list. An IP filter list contains source and destination IP addresses. These can be individual host IP addresses or network IDs. When a communication is identified as a participant included in an IP filter list, a particular filter action will be applied that is specific for that connection.
The All IP Traffic filter list includes all computers that communicate with the server via TCP/IP. Any instructions in the filter action associated with All IP Traffic will be applied.
First, double-click the All IP Traffic filter list. This opens the Edit Rule Properties dialog box for the All IP Traffic filter. You should see a tabbed dialog box consisting of five tabs, as shown in Figure 7.8.
Figure 7.8 This is the All IP Traffic Edit Rule Properties dialog box.
The option button for the IP filter list is selected, and a description is included that explains the purpose of the list. Double-click the All IP Traffic filter list to see the details of the All IP Traffic filter. The Name, Description, and details of the filter are displayed (see Figure 7.9).
Figure 7.9 This is the IP Filter List Details dialog box.
If you want to see more details regarding the Addressing, Protocol, and Description of the filter, you can click Edit. Click Cancel twice to return to the Edit Rule Properties dialog box.
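The way a rule ties a filter list to a filter action, and the different outcomes of the Request Security and Require Security policies for a non-IPSec-aware peer, can be sketched in Python. This is an added example, a simplified model and not Windows 2000's own policy engine or code from the book; the addresses, the `evaluate` function, the "request"/"require" action labels, the two-way filter matching and the first-match rule ordering are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "0.0.0.0/0"  # filter entry meaning "any IP address"

@dataclass(frozen=True)
class Rule:
    name: str
    filter_list: tuple  # (source, destination) pairs: host IPs or network IDs
    action: str         # "permit", "block", "request" or "require"

def _covers(spec, addr):
    return ip_address(addr) in ip_network(spec, strict=False)

def _in_list(rule, a, b):
    # Assumption: filters match both directions, since policies are bi-directional.
    return any((_covers(s, a) and _covers(d, b)) or (_covers(s, b) and _covers(d, a))
               for s, d in rule.filter_list)

def evaluate(policy, local, peer, peer_ipsec_aware):
    """Return (rule name, outcome); outcome is 'secured', 'clear' or 'denied'."""
    for rule in policy:  # assumption: the first matching rule in list order wins
        if not _in_list(rule, local, peer):
            continue
        if rule.action == "permit":
            return rule.name, "clear"      # never negotiates security
        if rule.action == "block":
            return rule.name, "denied"
        if rule.action not in ("request", "require"):
            raise ValueError(f"unknown filter action: {rule.action}")
        if peer_ipsec_aware:
            return rule.name, "secured"    # negotiation succeeds
        # Request Security falls back to clear text; Require Security does not.
        outcome = "clear" if rule.action == "request" else "denied"
        return rule.name, outcome
    return None, "clear"  # no filter list matched, so IPSec does not apply

# Constructed sample policies for a server at 10.0.0.10 with a DNS server at 10.0.0.2.
SERVER_REQUEST = [Rule("All IP Traffic", ((ANY, ANY),), "request")]
SECURE_SERVER = [Rule("All IP Traffic", ((ANY, ANY),), "require")]
# A narrower permit rule ahead of the catch-all keeps DNS lookups working.
SECURE_WITH_DNS = [Rule("DNS server", (("10.0.0.10", "10.0.0.2"),), "permit")] + SECURE_SERVER

if __name__ == "__main__":
    for label, policy in [("request", SERVER_REQUEST), ("require", SECURE_SERVER),
                          ("require + DNS permit", SECURE_WITH_DNS)]:
        print(label, evaluate(policy, "10.0.0.10", "10.0.0.2", peer_ipsec_aware=False))
```

Running the same peers through each candidate policy in a lab model like this gives a list of expected failures to compare against the event logs during testing.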
Configuring Windows 2000 Server Security
by Thomas W. Shinder, M.D., MCSE, MCP+I, MCT, Debra Littlejohn Shinder, MCSE, MCP+I, MCT, D. Lynn White, MCSE, MCPS, MCP+I, MCT
Syngress Publishing, Inc.
ISBN: 1928994024 Pub Date: 06/01/99
Filter Actions
Filter Actions define the type of security and the methods by which security is established. The primary methods are: Permit, Block, and Negotiate security. The Permit option blocks negotiation for IP security.
This is appropriate if you never want to secure traffic to which this rule applies. The Block action blocks all