
Implement Secure LAN Transmission

Although SSL can be used within a LAN and in an intranet, it requires a security server (a function that IIS fulfills) and can get in the way of applications that are working across a LAN. The answer to this is Internet Protocol Security (IPSec), which works between any two computers over a network to supply encrypted transmission of information without a security server and without getting in the way of applications. IPSec is a part of IP and works at the third (Network) layer, below any applications, and therefore seldom interferes with them.

The IPSec Process

IPSec is almost totally automated, and once group policies are established for its operation, network users don't realize that their network communication is taking place securely. The process for establishing and carrying out IPSec is as follows:

  1. Domain or local computer policies are established that specify what network traffic needs to be secure and how that security will be handled.
  2. Based on the policies, IPSec establishes a set of filters to determine which network packets require secure transmission.
  3. When IPSec receives from a sending application a series of network packets that require secure transmission, the sending computer passes this fact to the receiving computer. The two computers exchange credentials and authenticate each other according to IPSec policies.
  4. Given authentication, the two computers work out an algorithm whereby each computer can generate the same private key without having to transmit the key over the network, again according to IPSec policies.
  5. The sending computer uses the private key to encrypt the packets it is transmitting, digitally signs them so that the receiving computer knows who is sending the packets, and then transmits the packets.
  6. The receiving computer authenticates the digital signature and then uses the key to decrypt the packets and send them on to the receiving application.
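
Steps 2 and 4 through 6 as an added Python sketch, not code from the original page and not the Windows IPSec implementation; the credential exchange in step 3 is left out. Assumptions: step 4 is shown as a Diffie-Hellman exchange (the mechanism IPSec key negotiation uses) over a constructed demo modulus, a SHAKE-256 keystream stands in for the negotiated cipher, HMAC-SHA256 stands in for the per-packet signature, and the filter list and all names are hypothetical.

```python
import hashlib, hmac, secrets

P = 2**255 - 19   # constructed demo modulus (prime); real IPSec uses standardized DH groups
G = 2
# Step 2: constructed filter list, standing in for filters built from policy.
FILTERS = [{"dst_port": 445, "secure": True}, {"dst_port": 80, "secure": False}]

def needs_security(packet):
    """Return True if the first matching filter demands protection."""
    for f in FILTERS:
        if f["dst_port"] == packet["dst_port"]:
            return f["secure"]
    return False

class Peer:
    def __init__(self):
        self._x = secrets.randbelow(P - 3) + 2   # private value, never transmitted
        self.public = pow(G, self._x, P)         # the only value sent to the peer

    def session_keys(self, peer_public):
        """Step 4: each side computes the same secret from the other's public value."""
        shared = pow(peer_public, self._x, P).to_bytes(32, "big")
        enc = hashlib.sha256(b"enc" + shared).digest()
        auth = hashlib.sha256(b"auth" + shared).digest()
        return enc, auth

def _keystream(enc_key, seq, n):
    # Toy stream cipher built from SHAKE-256, standing in for the negotiated cipher.
    return hashlib.shake_256(enc_key + seq.to_bytes(8, "big")).digest(n)

def protect(keys, seq, payload):
    """Step 5: encrypt, then tag the sequence number plus ciphertext."""
    enc, auth = keys
    ct = bytes(a ^ b for a, b in zip(payload, _keystream(enc, seq, len(payload))))
    tag = hmac.new(auth, seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    return seq, ct, tag

def unprotect(keys, seq, ct, tag):
    """Step 6: verify the tag first; decrypt only if it matches."""
    enc, auth = keys
    expected = hmac.new(auth, seq.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed; packet dropped")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc, seq, len(ct))))

if __name__ == "__main__":
    a, b = Peer(), Peer()
    ka, kb = a.session_keys(b.public), b.session_keys(a.public)
    print(ka == kb, unprotect(kb, *protect(ka, 1, b"payroll record")))
```

Only the two `public` values cross the network, yet both peers end up with identical keys; a packet altered in transit fails the tag check and is dropped before any decryption is attempted.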

Set Up IPSec

To set up and use IPSec, you need only establish or revise default IPSec policies. You can do that through the IP Security snap-in to the MMC with these steps:

  1. Click Start | Run, type mmc, and press Enter. The MMC shell opens.
  2. Click the File menu, click Add/Remove Snap-in, scroll down, and double-click IP Security Policy Management.
  3. Select whether you want to manage security policy for the local computer, the AD domain this computer is a member of, another AD domain, or another computer and click Finish.
  4. If it is open, close the Add Standalone Snap-in dialog box and click OK to close the Add Or Remove Snap-ins dialog box. Open the Console Root and click IP Security Policies On Active Directory.
  5. Right-click Secure Server and click Properties. In the Rules tab, you will see a list of IP Security Rules.
  6. Select the All IP Traffic rule and click Edit. The Edit Rule Properties dialog box opens. Look at each of the tabs and then return to the Filter Action tab.
  7. Click Require Security and click Edit, which displays a list of security methods. You can select each of these and click Edit again to select the particular security method you want for a given situation.
  8. When you are done, click OK twice and then click Close twice to return to the IPSec console, where you can also click the Close button, answering Yes to save the console settings with the name IPSec.

You can see that the Windows Server 2008 IPSec default is to require security on all IP traffic. This is a safe default; your data will be better protected. The negative side of this default is that the security negotiation between the computers, encrypting and decrypting the data, and the extra bits to transmit all take time. It also uses a lot more bandwidth on the network. Only you and your organization can determine which is more important: time and bandwidth, or security. The point is that Windows Server 2008 gives you the choice, enabling you to determine which networking aspect has the higher priority.
