A database server on the network is configured to require IP Security for all connections. I want to ensure that the rest of the machines in the domain can communicate with the server securely. What needs to be done to configure IPSec for the domain? Assuming that I can get by with a default policy, which one should I choose? All help is greatly appreciated, thanks.
Asked
Active
Viewed 153 times
0
-
What DB server ? What OS ? and does it really have to be IPSec or could something like SSL do ? – Geraint Jones Aug 31 '10 at 11:07
1 Answers
0
First, IPSec is not something you configure "on the domain", it is something you configure on individual end-hosts or routers (on routers, it's normally done to provide IPSec tunnels from site to site, so that inter-site traffic is sent encrypted across a network). EDIT: Apparently you can initiate the relevant bits of host configuration within a Windows domain by setting something on the domain controller(s).
Second, what steps to take depends on what operating systems are involved.
Vatine
- 5,440
- 25
- 24
-
1No in the windows world you can set your servers up to require IPSec and have them distribute that need to the clients via Group Policy so it can be done "on the domain", in fact it is a very common requirement in financial institutions. – Geraint Jones Aug 31 '10 at 11:32
-
1Fair enough. I don't normally deal with Windows machines other than as a user and mostly see IPSec as GRE packets flying through the core network. – Vatine Aug 31 '10 at 15:15