IPSec filters are a powerful way of securing communications between hosts and servers on a network. Using IPSec filters, hosts sending and receiving e-mail can do so via an encrypted connection rather than transmitting in an insecure manner. Most e-mail is textual information that, if not encrypted via IPSec, could be easily intercepted and read by a nefarious user with a packet sniffer. Using IPSec filters to secure this communication lessens the need for users to manually encrypt messages before they are sent or decrypt others when they arrive.

Similarly, IPSec can be used to encrypt communications between a Web server on a screened subnet and a computer running Microsoft SQL Server on the internal network. This is especially useful if the computer running SQL Server hosts confidential data about customers of your company.

IPSec filters can use three forms of authentication. The default method is Kerberos, which is used for computers that reside within the same domain or forest. The second method is to use a shared certificate from a trusted certificate authority. Finally, a preshared key can be used. IPSec policies are not limited to a single authentication method; another method can be used as a fallback if the first one fails.
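
The Web server to SQL Server case and the authentication fallback described above can be expressed with the `netsh ipsec static` context on Windows versions that provide it. This is an added example, not part of the original text: the policy, filter list, filter action and rule names, both IP addresses and the CA distinguished name are constructed placeholders, and TCP 1433 assumes SQL Server is listening on its default port.

```batch
rem Added example. All names, addresses and the CA name are constructed placeholders.
rem   192.0.2.10 = Web server on the screened subnet (assumed)
rem   10.0.0.20  = computer running SQL Server on the internal network (assumed)

rem 1. Create the policy unassigned so it can be reviewed before it takes effect.
netsh ipsec static add policy name="Web-to-SQL" description="Encrypt Web server to SQL Server traffic" assign=no

rem 2. Filter list: match traffic from the Web server to SQL Server on TCP 1433.
rem    srcport=0 means any source port; mirrored=yes also matches the replies.
netsh ipsec static add filterlist name="Web to SQL 1433"
netsh ipsec static add filter filterlist="Web to SQL 1433" srcaddr=192.0.2.10 dstaddr=10.0.0.20 protocol=TCP srcport=0 dstport=1433 mirrored=yes

rem 3. Filter action: negotiate ESP so the matched traffic is encrypted.
rem    inpass=no refuses unsecured inbound packets and soft=no refuses to fall
rem    back to cleartext with a peer that does not answer the negotiation.
netsh ipsec static add filteraction name="Require ESP" action=negotiate inpass=no soft=no qmsecmethods="ESP[3DES,SHA1]"

rem 4. Rule: tie the filter list to the filter action and list the authentication
rem    methods. Preference follows the order given in the command, so Kerberos
rem    is tried first and the certificate method is the fallback.
rem    psk= would add a preshared key as a third method; it is left out here
rem    because the key is stored in plaintext in the policy.
netsh ipsec static add rule name="Web-SQL" policy="Web-to-SQL" filterlist="Web to SQL 1433" filteraction="Require ESP" kerberos=yes rootca="CN=Example Root CA, DC=example, DC=com"

rem 5. Review the result, then assign the policy to activate it.
netsh ipsec static show policy name="Web-to-SQL" level=verbose
netsh ipsec static set policy name="Web-to-SQL" assign=yes
```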