Internet Protocol Security (IPsec) and Austin Active Directory
What is IPsec?
Internet Protocol Security (IPsec) is a solution for securing data being sent over networks. IPsec a connection between two hosts, ensuring that both hosts are who they claim to be, and the data while in transit. IPsec is transparent to the end users after it has been configured.
How does IPsec work on Austin Active Directory?
The Austin Active Directory implements IPsec through policies. The IPsec policies are stored in a single container and access is restricted to the Austin Domain Administrators. Once an IPsec policy is created, it can be assigned to member computers via Group Policy. Departments seeking to use IPsec in the Austin Active Directory can contact the WES group for more details.
Policy Minimum Requirements
The following are required of any security policy implemented:
- The encryption algorithm must be 3DES or stronger.
- The hashing algorithm must be SHA1 or stronger.
- Pre-shared keys are not supported.
Planning an IPsec Strategy
When planning an IPsec strategy, remember:
- Access to Austin Disk Service via Windows File Sharing requires IPsec. Any policy implemented on computers that will access department resources and Austin Disk Service must include both sets of rules.
Last updated September 28, 2012 @ 10:06 am