Network Security Components

5/10/2007

Adding network security components to your configuration can help protect your device from external intrusion. Network security components, such as Internet Protocol Security (IPSec) and Secure Socket Layer/Transport Layer Security (SSL/TLS), can enhance security when accessing a device over the network.

In addition to adding network security components to your configuration, other precautions should be made to protect your device. Disabling unused ports, and disabling or removing unused services, such as Simple Network Management Protocol (SNMP), reduces the risk of intrusion.

The following tables show network security features and the Windows XP Embedded components that must added to support them.

Internet Protocol Security (IPSec)

IPSec verifies and authenticates IP packets.

Required components Key binary

IP Security Services

Ipsec.sys, Ipsecsvc.dll, Winipsec.dll

SSL (Secure Socket Layer)/TLS

SSL encrypts data exchanged between systems.

Required components Key binary

Local Security Authority Subsystem (LSASS)

Schannel.dll

Cryptographic Network Services

Cryptnet.dll

Primitive: Secur32

Secur32.dll

Primitive: Crypt32

Crypt32.dll

Primitive: Cryptdll

Cryptdll.dll

Primitive: Netapi21

Netapi32.dll

Netlogon/Netjoin

Netlogon.dll

Secure RPC

Secure RPC adds security to COM+, DCOM, and RPC.

Required components Key binary

RPC Local Support

Rpcrt4.dll

Primitive: Secur32

Secur32.dll

Primitive: AuthZ

Authz.dll

Secure RPC over Kerberos

Secure RPC over Negotiate

Secure RPC over NTLM

Secure RPC over SSL

Secur32.dll

See Also

Concepts

Wireless Networking Encryption

Other Resources

Add Security Features to a Run-Time Image