Windows Server4--IPSec
合集下载
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Security Between Computers
Windows 2000 Professional
Windows 2000 Server
Configuring IPSec for Security Between Networks
Using IPSec in Tunnel Mode
Examining the Role of IPSec in a Network
Active Directory
IPSec Policy
IPSec Policy
Security Association Negotiation TCP Layer IPSec Driver Encrypted IP Packets TCP Layer IPSec Driver
Number of IPSec Policy Filter Entries
Configuring TCP/IP for Server Security
Console1 – [Console Root\IP Security Policies on Local Machine]
Console Windows Help
Security Between Networks
Router Windows 2000-based Server/Router
Router Windows 2000-based Server/Router
Customizing IPSec Policies
Rule Components
Review
Introduction to IPSec Implementing IPSec
Configuring TCP/IP for Server Security
Troubleshooting Network Protocol Security
Action
View Favorites Description Communicate normally (unsecu… For all IP traffic, always request… Fo Assign require … All Tasks Delete Rename Properties Help Policy Assigned No No Yes
Optimizing IPSec Performance
To Ensure High Availability of IPSec Service, Consider:
Level of Security Required
Security Requirements of the Computer
Implementing IPSec
Enabling IPSec Configuring IPSec for Security Between Computers
Configuring IPSec for Security Between Networks
Customizing IPSec Policies Choosing an Encryption Scheme Testing an IPSec Policy Assignment Optimizing IPSec Performance
第四章:使用IPSec配置 网络安全
Overview
Introduction to IPSec Implementing IPSec
Configuring TCP/IP for Server Security
Troubleshooting Network Protocol Security
Introduction to IPSec
Identifying Security Issues with Networks Examining the Role of IPSec in a Network
Identifying Security Issues with Networks
Common Types of Network Attacks
Network monitoring
Data modification Passwords Address spoofing Application-layer
Man-in-the-middle
Denial-of-service
Name Client (Respond Only) Console Root Server (Request Security) IP Security Policies on Local Machine Secure Server (Require Sec…
Configuring IPSec for Security Between Computers
Using IPSec in Transport Mode
Enforces IPSec policies for traffic between systems Supports Windows 2000 Provides end-to-end security Is the default mode for IPSec
Enforces IPSec policies for all Internet traffic Supports legacy operating systems predominantly Supports point-to-point security Specifies tunnel endpoint at both routers
SHA MD5 56-bit DES
Packet Encryption
40-bit DES
3DES
Testing an IPSec Policy Assignment
Using the Ping Command to Verify That a Valid Network Connection Using IPSec Monitor to Verify That a Policy Has Been Assigned
Baidu Nhomakorabea
Tunnel Endpoint
IPSec Policy Rule 1
Filter 1 Filter Action Filter 2 Filter Action
Network Type
Authentication Method Rule 2
Filter 1 Filter Action Filter 2 Filter Action
IP Filter List
Filter Action
Default Response Rule
Choosing an IPSec Encryption Scheme
To Choose an Authentication and Encryption Scheme:
Authentication Encryption
Ensure That the Policies Are Assigned to Both Err or Computers
Err or Ensure That the Policies Are Compatible with Each Other Err or Ensure That All Changes Are Applied
Tree Favorites
Name Client (Respond Only) Console Root Server (Request Security) IP Security Policies on Local Machine Secure Server (Require Sec…
Assign this policy, attempt to make it active
Troubleshooting Network Protocol Security
Err or
Review the System and Security Logs for Error Messages
Confirm That a Security Association Is Established Err or Between the Computers
Enabling IPSec
Console1 – [Console Root\IP Security Policies on Local Machine]
Console Action Tree Favorites Windows Help View Favorites Description Communicate normally (unsecu… For all IP traffic, always request… For all IP traffic, always require … Policy Assigned No No Yes
Windows 2000 Professional
Windows 2000 Server
Configuring IPSec for Security Between Networks
Using IPSec in Tunnel Mode
Examining the Role of IPSec in a Network
Active Directory
IPSec Policy
IPSec Policy
Security Association Negotiation TCP Layer IPSec Driver Encrypted IP Packets TCP Layer IPSec Driver
Number of IPSec Policy Filter Entries
Configuring TCP/IP for Server Security
Console1 – [Console Root\IP Security Policies on Local Machine]
Console Windows Help
Security Between Networks
Router Windows 2000-based Server/Router
Router Windows 2000-based Server/Router
Customizing IPSec Policies
Rule Components
Review
Introduction to IPSec Implementing IPSec
Configuring TCP/IP for Server Security
Troubleshooting Network Protocol Security
Action
View Favorites Description Communicate normally (unsecu… For all IP traffic, always request… Fo Assign require … All Tasks Delete Rename Properties Help Policy Assigned No No Yes
Optimizing IPSec Performance
To Ensure High Availability of IPSec Service, Consider:
Level of Security Required
Security Requirements of the Computer
Implementing IPSec
Enabling IPSec Configuring IPSec for Security Between Computers
Configuring IPSec for Security Between Networks
Customizing IPSec Policies Choosing an Encryption Scheme Testing an IPSec Policy Assignment Optimizing IPSec Performance
第四章:使用IPSec配置 网络安全
Overview
Introduction to IPSec Implementing IPSec
Configuring TCP/IP for Server Security
Troubleshooting Network Protocol Security
Introduction to IPSec
Identifying Security Issues with Networks Examining the Role of IPSec in a Network
Identifying Security Issues with Networks
Common Types of Network Attacks
Network monitoring
Data modification Passwords Address spoofing Application-layer
Man-in-the-middle
Denial-of-service
Name Client (Respond Only) Console Root Server (Request Security) IP Security Policies on Local Machine Secure Server (Require Sec…
Configuring IPSec for Security Between Computers
Using IPSec in Transport Mode
Enforces IPSec policies for traffic between systems Supports Windows 2000 Provides end-to-end security Is the default mode for IPSec
Enforces IPSec policies for all Internet traffic Supports legacy operating systems predominantly Supports point-to-point security Specifies tunnel endpoint at both routers
SHA MD5 56-bit DES
Packet Encryption
40-bit DES
3DES
Testing an IPSec Policy Assignment
Using the Ping Command to Verify That a Valid Network Connection Using IPSec Monitor to Verify That a Policy Has Been Assigned
Baidu Nhomakorabea
Tunnel Endpoint
IPSec Policy Rule 1
Filter 1 Filter Action Filter 2 Filter Action
Network Type
Authentication Method Rule 2
Filter 1 Filter Action Filter 2 Filter Action
IP Filter List
Filter Action
Default Response Rule
Choosing an IPSec Encryption Scheme
To Choose an Authentication and Encryption Scheme:
Authentication Encryption
Ensure That the Policies Are Assigned to Both Err or Computers
Err or Ensure That the Policies Are Compatible with Each Other Err or Ensure That All Changes Are Applied
Tree Favorites
Name Client (Respond Only) Console Root Server (Request Security) IP Security Policies on Local Machine Secure Server (Require Sec…
Assign this policy, attempt to make it active
Troubleshooting Network Protocol Security
Err or
Review the System and Security Logs for Error Messages
Confirm That a Security Association Is Established Err or Between the Computers
Enabling IPSec
Console1 – [Console Root\IP Security Policies on Local Machine]
Console Action Tree Favorites Windows Help View Favorites Description Communicate normally (unsecu… For all IP traffic, always request… For all IP traffic, always require … Policy Assigned No No Yes