Export (0) Print
Expand All

Network and Edge Protection

Updated: May 23, 2008

Applies To: Windows Server 2008

Network and edge protection technologies can be used to protect your organization's network from external threats and vulnerabilities. In addition, they can be used to manage and control internal network traffic to a destination that is external to your network. There are six fundamental elements in regard to network and edge protection to consider when designing your infrastructure. Windows Server 2008 uses Internet Protocol security (IPsec), Network Access Protection (NAP), and wireless technologies to accomplish security zoning.

Security zoning enables companies to protect network resources based on the level of security they require. For example, core network services and applications may be within a security zone and protected from the general user population.

Network firewalls and Web proxies enable organizations to control access to resources contained on both the corporate network and the Internet. A network firewall and Web proxy should not only protect, but also log and report all connections made through the firewall and Web proxy.

Secure Sockets Layer (SSL) virtual private networks (VPNs) enable secure global access to both Web and non-Web applications and corporate information resources over the Internet. Built-in comprehensive policy enforcement helps drive compliance with legal and business guidelines for handling sensitive data. Endpoint security management enables access control, authorization, and content inspection for line-of-business applications.

Intrusion detection and protection mechanisms enable network security administrators to be alerted to active threats and mitigate them in real time. Additional features such as worm and flood protection can detect prevalent intrusions and block them.

Network level VPN enables remote computers to connect to the corporate network and access resources in a manner similar to a workstation directly connected to the network.

IPsec is a standard Internet protocol that allows administrators to isolate and protect servers and network domains with peer-level authentication and encryption. It provides a powerful mechanism for network segmentation and client quarantine without the need for new hardware.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft