Using IPsec or VPN with Remote Administration

Applies To: Windows Server 2003, Windows Server 2003 with SP1

You can use Internet Protocol security (IPsec) and virtual private networks (VPNs) to help secure traffic for Web server administration tasks performed over the network, such as uploading content by using FTP or managing the Web server. In addition to encrypting administrative traffic, IPsec and VPNs provide cryptographically strong authentication methods, such as computer certificates, smart cards, and strong password requirements, to provide improved identity checking.

Identity checking is the process of verifying the authenticity of the user credentials. Computer certificates, issued by your organization, ensure that remote administration is performed from specific computers and provide improved identity checking.

If your organization provides hosting of Web sites for other groups, these groups need to have a secure method for posting their Web site content to your Web servers. Because the groups post their Web site content over the Internet, you need to encrypt the traffic and provide enhanced identity checking to help protect confidential information.

For example, you can use FTP to upload Web site content to be published on production Web servers. Because FTP exchanges content and user credentials in plaintext, you need to use IPsec or VPNs to encrypt the traffic.

For more information about designing and deploying VPNs, see Determining Your Ipsec Needs.