Applies To: Windows 7, Windows Server 2008 R2
The Active Policy item of the IP Security Monitor snap-in describes the Internet Protocol security (IPsec) policy that has been applied to this computer. You cannot use the IP Security Monitor snap-in to change the policy.
Only one IPsec policy can be active at a time. The active policy is the IPsec policy that has been applied to this computer, either manually by the administrator of this computer or through the use of Active Directory Domain Services (AD DS) and Group Policy objects (GPOs). The active policy might be defined using GPOs instead of on the computer in the IP Security Policies snap-in.
Name and Description
This is the name and description given to the policy when it was created.
This is the time and date (local time) when the policy was last changed.
This is where the policy is stored, in the local store (on the local computer) or in a GPO.
This is the Active Directory Lightweight Directory Access Protocol (LDAP) path that describes the exact, fully-qualified location in AD DS for the IPsec policy that has been applied to this computer. This only applies to policies stored in GPOs in AD DS. Locally stored policies will not have this path.
This is the LDAP path that describes the exact, fully-qualified Active Directory organizational unit (OU) to which the policy was applied. This only applies to policies stored in a GPO in AD DS. Locally stored policies will not have an OU.
Group Policy Object Name
This is the name of the GPO and not the IPsec policy. This only applies to policies stored in GPOs in AD DS. Locally stored policies will not have a GPO name.