Module 8: Planning and Troubleshooting IPSec. Overview Understanding Default Policy Rules Planning an IPSec Deployment Troubleshooting IPSec Communications.

Presentation transcript:

Module 8: Planning and Troubleshooting IPSec

Overview
- Understanding Default Policy Rules
- Planning an IPSec Deployment
- Troubleshooting IPSec Communications

Lesson: Understanding Default Policy Rules
- Multimedia: Overview of IPSec
- Rules for an IPSec Connection
- Default IPSec Policies
- Client (Respond Only) Default Policy Rules
- Server (Request Security) Default Policy Rules
- Secure Server (Require Security) Default Policy Rules

Multimedia: Overview of IPSec
The objective of this presentation is to explain that IPSec is a framework of open standards for ensuring secure, private communication over Internet Protocol networks.
You will learn how to:
- Identify the processes for data encryption, decryption, or signing
- Explain the functionality of the IPSec policy agents and drivers
- Define the functionality of the ISAKMP service
- Explain how the IPSec policy triggers the encryption of data between two computers

Rules for an IPSec Connection
Rule: Description
- IP filter list: Specifies which network traffic will be secured, by using inbound and outbound filters
- Filter action: Specifies how traffic matching the filter will be handled (dropped, encrypted, and so on)
- Authentication methods: Specifies how two computers will authenticate themselves to each other (Kerberos, preshared key, or X509 certificates)
- Tunnel endpoint: Allows you to specify a tunnel endpoint for IPSec tunnels
- Connection type: Allows the rule to be applied to LAN traffic, WAN traffic, or both

Default IPSec Policies
IPSec uses policies and rules to secure network traffic.
Rules are composed of:
- The type of traffic to match
- What to do when traffic matches
- An authentication method
- Either tunnel or transport mode
- The connection type (LAN or WAN)
Default policies include:
- Client (Respond Only)
- Server (Request Security)
- Secure Server (Require Security)

Client (Respond Only) Default Policy Rules
This policy has the following settings:
First rule (default response rule)
- IP Filter List:
- Filter Action: Default Response
- Authentication: Kerberos
- Tunnel Setting: None
- Connection Type: All
Use: This policy enables the computer on which it is active to respond to requests for secured communications.

Server (Request Security) Default Policy Rules
This policy has the following settings:
First rule
- IP Filter List: All IP Traffic
- Filter Action: Request Security (Optional)
- Authentication: Kerberos
- Tunnel Setting: None
- Connection Type: All
Second rule
- IP Filter List: All ICMP Traffic
- Filter Action: Permit
- Authentication: N/A
- Tunnel Setting: None
- Connection Type: All
Third rule
- IP Filter List:
- Filter Action: Default Response
- Authentication: Kerberos
- Tunnel Setting: None
- Connection Type: All
Use: This policy allows the entire communication to be unsecured if the other computer is not IPSec-enabled.

Secure Server (Require Security) Default Policy Rules
This policy has the following settings:
First rule
- IP Filter List: All IP Traffic
- Filter Action: Require Security
- Authentication: Kerberos
- Tunnel Setting: None
- Connection Type: All
Second rule
- IP Filter List: All ICMP Traffic
- Filter Action: Permit
- Authentication: None
- Tunnel Setting: None
- Connection Type: All
Third rule
- IP Filter List:
- Filter Action: Default Response
- Authentication: Kerberos
- Tunnel Setting: None
- Connection Type: All
Use: This policy requires all outbound communication to be secured, allowing only the initial inbound communication request to be unsecured.
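
How the three default policies above combine when two computers talk to each other, as an added Python model that is not part of the original presentation and not Microsoft's implementation. It assumes Kerberos authentication succeeds whenever both computers negotiate; the "No policy" entry, the "default response" key and the outcome names are constructed for the example.

```python
# Added illustration (not from the presentation): a simplified model of how the
# default policies' filter actions combine. Assumes Kerberos authentication
# succeeds whenever both computers negotiate. "No policy" and the
# "default response" key are constructed labels.
POLICIES = {
    "No policy": {},
    "Client (Respond Only)": {"default response": "Default Response"},
    "Server (Request Security)": {
        "All IP Traffic": "Request Security (Optional)",
        "All ICMP Traffic": "Permit",
        "default response": "Default Response",
    },
    "Secure Server (Require Security)": {
        "All IP Traffic": "Require Security",
        "All ICMP Traffic": "Permit",
        "default response": "Default Response",
    },
}

def action_for(policy, protocol):
    """Filter action for traffic this computer sends; the most specific filter wins."""
    rules = POLICIES[policy]
    if protocol == "icmp" and "All ICMP Traffic" in rules:
        return rules["All ICMP Traffic"]
    # Traffic that matches no filter is sent without IPSec.
    return rules.get("All IP Traffic", "Permit")

def can_negotiate(policy, protocol):
    """True if the computer starts IKE itself or answers via the default response rule."""
    return action_for(policy, protocol) != "Permit" or "default response" in POLICIES[policy]

def outcome(initiator, responder, protocol="tcp"):
    """Return 'secured', 'clear' or 'blocked' for a connection initiator -> responder."""
    actions = (action_for(initiator, protocol), action_for(responder, protocol))
    if actions == ("Permit", "Permit"):
        return "clear"                      # neither side ever asks for IPSec
    if can_negotiate(initiator, protocol) and can_negotiate(responder, protocol):
        return "secured"                    # one side asks, the other can answer
    if "Require Security" in actions:
        return "blocked"                    # no fallback to clear text
    return "clear"                          # Request Security falls back to clear

def matrix(protocol="tcp"):
    """Outcome for every ordered pair of policies."""
    return {(a, b): outcome(a, b, protocol) for a in POLICIES for b in POLICIES}

if __name__ == "__main__":
    for (a, b), result in matrix().items():
        print(f"{a:34} -> {b:34} {result}")
```

Two Client (Respond Only) computers never secure traffic between themselves, because neither one requests security; a planning review should look for that pairing first.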

Practice: Using Policy-Based Management
In this practice, you will discuss the policy-based management of IPSec.

Lesson: Planning an IPSec Deployment
- Determining the IPSec Policy Deployment Method
- Determining the Authentication Method to Use
- Determining IPSec Policy Needs
- Best Practices for Planning IPSec
- Guidelines for Planning an IPSec Deployment Using Active Directory
- Guidelines for Planning an IPSec Deployment Using Local Policies

Determining the IPSec Policy Deployment Method
- Using Active Directory
- Using Local Policies
[Diagram labels: In a heterogeneous environment; Active Directory]

Determining the Authentication Method to Use
Authentication method: Use
- Kerberos V5 security protocol: Clients and servers running Windows 2000 (and later versions) that are part of an Active Directory domain
- Public key certificate: Internet access; remote access to corporate resources; external business partners; computers that do not run the Kerberos V5 security protocol
- Preshared secret key: When both computers must manually configure IPSec

Determining IPSec Policy Needs
- Identify enterprise needs
  - Evaluate potential threats to determine if IPSec can mitigate them
  - Identify rules and settings for your policy
- Create a new policy or modify an existing policy

Best Practices for Planning IPSec
Best practices:
- Evaluate the type of information being sent over your network
- Determine where your information is stored
- Evaluate your vulnerability to network attacks
- Design and document an enterprise-wide network security plan
- Test the IPSec policies in your security plan

Guidelines for Planning an IPSec Deployment Using Active Directory
- Evaluate Active Directory-based Group Policy for deployment
- Identify groups of computers that require security
- Determine where to assign Group Policy Object
- Evaluate security threats
- Determine if IPSec can mitigate threats
- Define the IPSec Policy

Guidelines for Planning an IPSec Deployment Using Local Policies
- Determine if local Group Policy is the best method for deployment
- Identify groups of computers that require security
- Determine if certificate infrastructure is in place
- Evaluate security threats
- Determine if IPSec can mitigate threats
- Determine how policies will be deployed

Practice: Planning an IPSec Deployment
In this practice, you will determine the feasibility of a proposed IPSec deployment plan.

Lesson: Troubleshooting IPSec Communications
- IPSec Troubleshooting Tools
- Viewing Key Exchange Information Using Event Viewer
- Verifying That a Policy Is Applied Using RSoP

IPSec Troubleshooting Tools
Tool: Uses
- IPSec Monitor snap-in: Search for all matches for filters of a specific traffic type
- IP Security Policy Management snap-in: Create, modify, and activate IPSec policies
- Active Directory Users and Computers and Group Policy: Troubleshoot policy precedence issues; determine which policies are available, assigned, or applied
- Resultant Set of Policy (RSoP): Determine which policies are assigned, but not applied to clients
- Event Viewer: View IPSec policy-related events
- Oakley log: View details of the SA establishment process

Viewing Key Exchange Information Using Event Viewer
Use Event Viewer to:
- Verify that security auditing is enabled
- View IPSec-related events in Event Viewer

Verifying That a Policy Is Applied Using RSoP
Using RSoP:
- Logging mode queries: View all IPSec policies that are assigned to a specific client
- Planning mode queries: View all IPSec policies that are assigned to members of a Group Policy container

Practice: Troubleshooting IPSec Communications
In this practice, you will troubleshoot an IPSec communication issue.

Lab A: Troubleshooting IPSec
- Exercise 1: Planning IPSec for a LAN/WAN Environment
- Exercise 2: Troubleshooting an IPSec Infrastructure