To simplify Internet Protocol security (IPsec) deployment, Microsoft Windows Vista and Windows Server Code Name Longhorn (now in beta testing) support an enhanced version of the Internet Key Exchange (IKE) protocol known as Authenticated Internet Protocol (AuthIP). AuthIP provides simplified IPsec policy configuration and maintenance in many configurations and additional flexibility for IPsec peer authentication.
Windows® XP and Windows Server 2003 support IPsec protection of traffic using built-in components that are integrated with the TCP/IP stack. To configure IPsec, you must configure and activate an IPsec policy, which can be done for individual computers or for an Active Directory® directory service container (a domain, site, or organizational unit) through a Group Policy object (GPO). Active Directory-based GPOs allow central configuration and automated distribution of IPsec policy to all domain member computers. An IPsec policy consists of general settings and one or more rules, which determine the types of traffic IPsec must examine, how traffic is treated (permitted, blocked, or protected), how to authenticate an IPsec peer, and other settings.Read Full Story