Windows 2003 IPSec Features
Following are some of the features of Windows 2003 IPSec implementaion.
Windows 2003 IPSec implementaion is policy based. Administrators need to work in Group Policy to configure IPSec in Windows 2003.
Windows 2003 IPSec implementaion can use Kerberos v5, a digital certificate, or a shared secret (string) for user authentication.
IPSec mutually authenticates computers prior to any data being exchanged.
Windows 2003 IPSec implementaion uses Data Encryption Standard (DES) or Triple DES (3DES) for encryption.
Windows 2003 IPSec implementaion uses MD5 (Message Digest) or SHA1 (Secure Hash Algorithm) algorithm for data hashing.
IPSec is transparant to users. IPSec operate at OSI Layer 3 and there is no need for users and applications to directly interact with IPSec.
IPSec Monitor tool is available as a MMC snap-in.
Windows 2003 IPSec implementaion supports 2048 bit Diffie-Hellman key exchange, generating more secure keys.