Network data within your site (local network and subnets) is secured by the authentication protocol. For an additional level of security, you can also choose to encrypt network data within a site. Using Internet Protocol security, you can encrypt all network communication for specific clients or for all
Internet Protocol Security (IPSec)
Comprises a suite of cryptography-based protection services and security protocols
Routing and Remote Access
Configures remote access protocols and routing
Internet Authentication Service (IAS)
Provides security and authentication for dial-in users
IPSec provides computer-level authentication, as well as data encryption, for virtual private network (VPN) connections that use the Layer 2 Tunneling Protocol (L2TP). IPSec is negotiated between your computer and a L2TP-based VPN server before an L2TP connection is established. This negotiation secures both passwords and data. L2TP uses standard PPP-based authentication protocols, such as Extensible Authentication Protocol (EAP), Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), MS-CHAP version 2, CHAP, Shiva Password Authentication Protocol (SPAP), and Password Authentication Protocol (PAP) with IPSec.
Encryption is determined by the IPSec Security Association (SA). A security association is a combination of a destination address; a security protocol; and a unique identification value, called a Security Parameters Index (SPI). The available encryptions include
Data Encryption Standard (DES), which uses a 56-bit key
Triple DES (3DES), which uses three 56-bit keys and is designed for
The Routing and Remote Access service for the Windows Server 2003 family is a
An advantage of the Routing and Remote Access service is integration with the Windows Server 2003 family. The Routing and Remote Access service delivers many cost-saving features, and it works with a wide variety of hardware platforms and hundreds of network adapters. The Routing and Remote Access service is extensible with application programming interfaces (APIs) that developers can use to create custom networking solutions and that new
Internet Authentication Service (IAS) in the Standard Edition, Enterprise Edition, and Datacenter Edition of Windows Server 2003 is the Microsoft implementation of a Remote Authentication Dial-In
As a RADIUS server, IAS
As a RADIUS proxy, IAS forwards authentication and accounting messages to other RADIUS servers. RADIUS is an Internet Engineering Task Force (IETF) standard.