Title: SECURING NETWORK TRAFFIC WITH IPSEC
1. SECURING NETWORK TRAFFIC WITH IPSEC
2. GOALS OF IPSEC
- Protects the contents of IP packets
- Provides defense against network attacks
3. PROTECTING AGAINST SECURITY ATTACKS
4. WHAT IS IPSEC?
- IPSec is an architectural framework that provides cryptographic security services for IP packets.
5. IPSEC SECURITY FEATURES
- Automatic security association (SA)
- IP packet filtering
- Network layer security
- Peer authentication
- Data origin authentication
- Data integrity
- Data confidentiality
- Anti-replay
- Key management
6. NEW IPSEC FEATURES IN MICROSOFT WINDOWS SERVER 2003
- The IP Security Monitor snap-in
- Stronger cryptographic master key
- The Netsh command-line tool
- Computer startup security
- Persistent policies
- Improved IPSec functionality over Network Address Translation (NAT)
- Improved load balancing
- Resultant Set of Policies (RSoP)
7. IPSEC PROTOCOLS
- Authentication Header (AH)
- Encapsulating Security Payload (ESP)
8. IPSEC MODES
- Transport mode
- Tunnel mode
9. SECURITY ASSOCIATIONS (SAs)
- Internet Security Association and Key Management Protocol (ISAKMP)
- IPSec
- Security Parameters Index (SPI)
10. INTERNET KEY EXCHANGE (IKE)
- Oakley Key Determination Protocol
- Diffie-Hellman key exchange
- Dynamic rekeying
11. IPSEC POLICY AGENT SERVICE
12. IPSEC DRIVER
13. SECURITY NEGOTIATION PROCESS
14. IPSEC SECURITY POLICIES
15. COMPONENTS OF IPSEC POLICIES
16. DEFAULT IPSEC SECURITY POLICIES
- Server (Request Security)
- Client (Respond Only)
- Secure Server (Require Security)
17. DEPLOYING IPSEC POLICIES
- Using local policies
- Using the Active Directory directory service
- Mixed-mode environment
- Persistent policies
18. IMPLEMENTING IPSEC USING CERTIFICATES
- X.509 certificates
- Role of a certification authority (CA)
19. CONFIGURING IPSEC TO USE A CERTIFICATE
20. IPSEC AND NAT
- Problems associated with IPSec and NAT
- IKE over NAT
21. MONITORING IPSEC USING IP SECURITY MONITOR
22. IPSEC-RELATED EVENTS IN EVENT VIEWER
23. USING NETSH AND NETDIAG TO MANAGE AND MONITOR IPSEC
24. SUMMARY
- The purpose and features of IPSec in a Windows Server 2003 environment
- IPSec protocols: AH and ESP
- IPSec modes: transport and tunnel
- SAs
- IKE
- IPSec Policy Agent
25. SUMMARY (continued)
- IPSec security policies
- Deploying IPSec security policies
- IPSec and NAT
- Tools for managing and monitoring IPSec
26. Lab 6
- Securing Network Traffic by using IPSEC
- 130 minutes