Re: IPSec Filter
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 31 Aug 2006 22:52:30 -0500
IPsec was primarily designed to secure network traffic via encryption and
ensure integrity. It can certainly be used only with filter actions for
block and allow, as a basic non-stateful firewall, which means that the
response ports also need to be defined, usually via mirroring a filter entry.
So it really cannot be like a hardware firewall / iptables on Linux because
it is not stateful, meaning it cannot recognize an established session.
IPsec also has very limited logging abilities. Having said that, it is a lot
better than no firewall if for some reason there are no other options, and
part of IPsec's strength is that it is free, built into the OS, uses limited
resources, and can be configured via Group Policy. Also, by default IPsec has
some standard exemptions that can be managed via the registry, and they vary
depending on the operating system. The links below may be helpful.
Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;811832
http://www.securityfocus.com/infocus/1559 -- example of creating an ipsec
filtering policy
"beachboy" <jpsteambun@xxxxxxxxxxxx> wrote in message
news:OQUI1ZXzGHA.4844@xxxxxxxxxxxxxxxxxxxxxxx
Can we use an IPsec filter as a Windows firewall to block untrusted access,
similar to a hardware firewall / iptables on Linux?
Thanks.
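
Added example (not part of the original thread): a small Python model of the stateless-versus-stateful difference the reply describes, comparing one mirrored permit filter with a filter that tracks sessions. The addresses, ports, rule layout and function names are constructed for illustration and do not reproduce the Windows IPsec policy engine.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")
HOST = "192.0.2.10"  # constructed address (documentation range)
FIELDS = ("src", "sport", "dst", "dport")

# One permit filter: this host -> any address, TCP destination port 80.
# None means "any". Everything that matches no filter is blocked.
RULE = {"src": HOST, "sport": None, "dst": None, "dport": 80}

def matches(rule, pkt):
    return all(rule[f] is None or rule[f] == getattr(pkt, f) for f in FIELDS)

def mirror(rule):
    """Swap source and destination, as a mirrored filter entry does."""
    return {"src": rule["dst"], "sport": rule["dport"],
            "dst": rule["src"], "dport": rule["sport"]}

def stateless_permit(pkt):
    """Each packet is judged alone: the rule or its mirror must match."""
    return matches(RULE, pkt) or matches(mirror(RULE), pkt)

class StatefulFilter:
    """Permits inbound traffic only as the reverse of a session it saw leave."""
    def __init__(self):
        self.sessions = set()

    def permit(self, pkt):
        if pkt.direction == "out" and matches(RULE, pkt):
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return pkt.direction == "in" and reverse in self.sessions

def compare(packets):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFilter()
    return [(stateless_permit(p), stateful.permit(p)) for p in packets]

SAMPLE = [  # constructed traffic
    Packet("out", HOST, 49152, "198.51.100.5", 80),  # outbound request
    Packet("in", "198.51.100.5", 80, HOST, 49152),   # reply to that request
    Packet("in", "203.0.113.9", 80, HOST, 5000),     # inbound, no prior session
]

if __name__ == "__main__":
    for pkt, (sl, sf) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{pkt.direction:3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}"
              f"  stateless={sl} stateful={sf}")
```

The first two packets get the same verdict from both filters; the third is permitted only by the mirrored stateless filter, because it matches on ports alone and has no record of an established session.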