Re: IPsec question

gonzangus · ‎01-27-2006

Can IPsec in windows server 2003 be used for filtering the traffic from one internal net to the Internet???

Igor Karasik · ‎01-27-2006

Gonzangus,
I think IPSec can be used in addition to a firewall, but not as firewall replacement.
IPSec filtering lacks logging and
alerting, NAT feature, statefull inspection, any protection against IP spoofing and other things which any basic firewall have.
If you connect your internal network to Internet you will need some type of content security solution (TrendMicro,Esafe,etc) as well (in addition to firewall).
See this link as well
http://securityadmin.info/faq6.asp#firewall

I think also that I misunderstand you previous question (with Subject: "Security question") - windows 2003 built-in firewall can only protect windows 2003 server itself but not entire network - you need ISA or other firewalls for it.

Ivan Ferreira · ‎01-28-2006

IPsec is used to secure the communication between the client and the server. Is not used for packet filtering. You could in fact, assign a policy that rejects insecure communications on the client, but the performance costs of ipsec is too high to enable it if you don't really need it.

You should use an ISA server or another firewall solution for this purpose.

Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: IPsec question

IPsec question

Re: IPsec question

Re: IPsec question