Internet Protocol Security (IPsec) and Austin Active Directory
What is IPsec?
Internet Protocol Security (IPsec) is a solution for securing data being sent over networks. An IPsec connection between two hosts ensures that both hosts are who they claim to be, and the data is encrypted while in transit. IPsec is transparent to the end users after it has been configured.
How does IPsec work on Austin Active Directory?
The Austin Active Directory implements IPsec through policies. The IPsec policies are stored in a single container and access is restricted to the Austin Domain Administrators. Once an IPsec policy is created, it can be assigned to member computers via Group Policy. Departments seeking to use IPsec in the Austin Active Directory can contact the Austin AD team for more details.
Policy Minimum Requirements
The following are required of any security policy implemented:
- The encryption algorithm must be 3DES or stronger.
- The hashing algorithm must be SHA1 or stronger.
- Pre-shared keys are not supported.
Planning an IPsec Strategy
When planning an IPsec strategy, remember:
- Access to many Austin Disk Service shares require IPsec. Any policy implemented on computers that will access department resources and Austin Disk shares that require IPsec must include both sets of rules.