can anyone compare and contrast "windows firewall" against ipsec filtering? We have been using ipsec filtering for our windows 2000 server and will be upgrading to 2003. Do we use both? Should we stop using ipsec? etc.....
IPSec falls under how computers communicate with each other... secure, request, and none. You specify how they will attempt communications with the default being request: secure communications if possible but non-secure if secure is not available. What you specify as secure typically involves the authentication and encryption to be used in a secure communication. IPSec is commonly used to make sure that information is encrypted between two computers when it must pass over a network segment that is not under your control like the internet. VPN tunnels using PPTP or L2TP with encryption help maintain your private information as it crosses the network segment. Consider IPSec as those protocols that maintain the integrity and privacy of your IP packets over a non-secure network segment.
A firewall is typically concerned with access to and from an IP address (i.e. to a single PC) or IP subnet(i.e. company network in the later case). It is more designed to be the gatekeeper on the ports used by applications that communicate to other computers through your firewall. Some apps are designed to use specific ports like http requests go to port 80. Some apps like IE use non-assigned ports to communicate through your IP address. Consider your firewall to be your burglar bars between your computers and the outside world attached to other side of your firewall. I would suggest a commercial firewall over the one that comes with windows. Many corporations use two firewalls... one between their main network and a DMZ and one between the DMZ and the internet. Windows help will explain the basic principles on this.
I understand what the true definition of "ipsec" is. However Microsoft put fiwerwalling capablities in its "ip security policy"(IPSEC) tool. Many people use this to lockdown there server's ports(
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.