How does domain isolation with Windows 2003 IPsec happen?
- From: Simon <xchenum@xxxxxxxxx>
- Date: Tue, 28 Oct 2008 22:06:54 -0700 (PDT)
Hi all,
I have a question regarding implementing domain isolation with IPsec
support from Windows 2003 (or higher.)
From the examples online, you only need to join a few machines intothe domain and they are magically protected from outsider attacks and
eavesdropping. I am wondering how exactly this should be configured,
especially using a group policy distributed from the domain
controller.
How should I write this policy in the domain controller? The most
naive way is to list all the IP addresses of all the domain members in
a filter list, and apply "secure" action to this filter. My questions
is, what if a new computer joins the domain or someone left? Do I,
presumably the domain admin, need to reconfigure the filter list every
time?
Is there a better way of doing this? Or, can some one show me the
correct way of doing it?
Thanks a lot!
-Simon
.
- Prev by Date: Re: Disabling Cached Credentials Question
- Next by Date: Re: Outlook Web Access/Symantec endpoint
- Previous by thread: failsafe PKI (Server 2008)
- Next by thread: Server 2008 RAS/NPS setup
- Index(es):
Relevant Pages
|
