资源描述:
《windows2000中的网际协议安全》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、TheInternetprotocolsecurityinWindows2000heInternetprotocolsecurity(IPSec)TheInternetprotocolsecurity(IPSec)allowsforactiveprotectionofdedicatednetworksandInternetattackswhilemaintainingeaseofuse・Also,itisasecurityservicebasedonencryptionandsecurityprotocols・ItUSESend-to-endsecuritypro
2、tectionmode,protectionworkinggroupclientandtheserver,LANcomputer,domain,distantbranch,Extranet,roamingcustomersandremotemanagementofcommunicationbetweenthecomputerskills・IPSecTheIong-termdirectionofsecurenetworksisasuiteofcryptographicprotectionservicesandsecurityprotocols・Becauseitdo
3、esn,tneedtochangetheapplicationorprotocol,youcaneasilydeployIPSectoanexistingnetwork・Windows2000,sIPSecimplementationisbasedonindustrystandardsdevelopedbytheIPSecworkinggroupoftheInternetengineeringtaskgroup(IETF)・Windows2000’ssecuritystrategyAmorepowerfulsecurityapproachbasedoncrypto
4、graphymayleadtoasignificsntincreaseinadministrativeoverhead・Windows2000avoidedthisf1awbyimplementingpolicy-basedInternetprotocolsecurity(IPSec)management・TheIPSeccanbeconfiguredusingpoliciesratherthanapplicationsoroperatingsystems・NetworksecurityadministratorscanconfiguremultipleIPSec
5、policiesfromasinglecomputertoanActiveDirectorydomain,site,ororganizationunit・Windows2000providescentralizedadministrativeconsole,IPsecuritypolicymanagementtodefineandmanageIPSecpolicies・Inmostexistingnetworks,thesepoliciescanbeconfiguredtoprovidevariouslevelsofprotectionformosttraffic
6、types・IPSec,sdataprotectionapproachBecausethenetworkattackmayresultinsystemdowntime,productivitylossofsensitivedataandpublicexposure,soprotectinformationfromunauthorizedthirdpartydecodeormodifyishighlypreferred・Networkprotectionstrategyisgenerallyfocusedontheperimetersecurity,throught
7、heuseoffirewalls,securegatewayanddial-upaccessuserauthenticationtopreventfromprivatenetexternalattack.However,itdoesnotprotectagainstattacksfromwithinthenetwork・Onlyfocusedontheaccesscontrolsecurity(forexample,useasmartcardandKerberos)mightnotbringcomprehensiveprotection,becausethesem
8、ethod