Use IPsec to protect critical servers

Contributor Tony Bradley explains how IPsec can help you prevent viruses or worms from spreading in this tip.

The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return to the main page.

Internet Protocol Security (IPsec) won't block all attack vectors. But it can protect critical systems from worms or viruses that may spread within your environment to network shares and other systems on the local area network (LAN). Use it on Windows 2000 or Windows Server 2003 systems to restrict access to those systems.

You can create IPsec policies on the critical servers, which only allow certain types of communication, or only allow communications with known IP addresses or subnets. Attempts from unauthorized systems will be blocked.

More information:

  • Article: Is IPsec on borrowed time?
  • Book excerpt: Use IPsec policies
  • Book excerpt: Use IPsec to manage connections

  • Click for the next tip in this series: Lock down user access and privileges
    This was first published in June 2005

    Dig Deeper on Windows Server and Network Security



    Find more PRO+ content and other member only offers, here.



    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:









    • VDI assessment guide

      Wait! Don't implement VDI technology until you know your goals and needs. A VDI assessment should consider the benefits of a VDI ...

    • Guide to calculating ROI from VDI

      Calculating ROI from VDI requires a solid VDI cost analysis. Consider ROI calculation models, storage costs and more to determine...

    • Keep the cost of VDI storage under control

      Layering, persona management tools and flash arrays help keep virtual desktop users happy and VDI storage costs down.