IP Security Policies on Active Directory
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
IP Security Policies on Active Directory
This security setting allows you to permit, block, or negotiate security for TCP/IP traffic.
Location
GPO_name\Computer Configuration\Windows Settings\Security Settings\IP Security Policies on Active Directory\
Default Values
| Server Type or GPO | Default Value |
|---|---|
Default Domain Policy |
Not defined |
Default Domain Controller Policy |
Not defined |
Stand-Alone Server Default Settings |
Not defined |
DC Effective Default Settings |
Not defined |
Member Server Effective Default Settings |
Not defined |
Discussion
Use this setting to create filter lists and corresponding actions. Filter lists are based on ports, protocols, and whether the traffic is incoming or outgoing. Actions you specify are carried out when traffic matches a filter in the list. Actions include blocking, permitting, and requiring or requesting that traffic be secured through encryption.
Specify authentication methods. Choices include Kerberos V5, certificates, and (for testing only) preshared keys.
IP Security Policy can also be set in the local Group Policy object. IP Security Policy that is set in Active Directory takes precedence.