IPSEC Services (System Services for the Windows Server 2003 Family and Windows XP Operating Systems)
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Service Name: PolicyAgent
Executable Name: lsass.exe
Log On As: LocalSystem
Description: Provides end-to-end security between clients and servers on TCP/IP networks. Manages IP security (IPSEC) policy, starts the Internet Key Exchange (IKE), and coordinates IPSEC policy settings with the IP security driver. The service is controlled using the net start policyagent or net stop policyagent command.
IPsec operates at the IP layer and is transparent to other operating system services and applications. It provides packet filtering, and can negotiate security between sending and receiving computers on IP networks. IPsec can be administratively configured to provide:
Packet filtering - with the actions permit, block, or negotiate security.
Negotiated trust and secure IP communication - the IKE protocol mutually authenticates the sender and receiver of IP data packets based on policy settings. Authentication can use the Kerberos authentication protocol, digital certificates, or a shared secret key (password). IKE automatically generates cryptographic keys and IPsec security associations.
Protection of IP packets with IPsec secure formats - provides cryptographic integrity, authenticity, and optionally encryption of IP packets.
Secure end-to-end connections - using IPsec transport mode.
Secure IP tunnels - using IPsec tunnel mode.
IPsec also provides security for L2TP VPN connections. The IPsec security settings for L2TP are created automatically and require the IPsec service to be running in order to take effect.
*On Windows 2000 this service was called IPSEC Policy Agent.
Available on: Windows XP Home, Windows XP Professional; Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition and Windows Server 2003, Web Edition.
Installed through: Default operating system installation
Startup type: Automatic
Service status: Started
This service depends on the following system components:
Remote Procedure Call
TCP/IP Protocol Driver
The following system components depend on this service: None
IP protocol and port numbers used:
IP protocol: 50 (ESP), 51 (AH)
UDP port: 500 (ISAKMP)
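One way to audit a host against the defaults listed on this page is shown below. It is an added example, not part of the original documentation. It assumes Windows PowerShell is installed on the host and that the internal service names of the two dependencies are RpcSs (Remote Procedure Call) and Tcpip (TCP/IP Protocol Driver).

```powershell
# Added example: compare the PolicyAgent service with the defaults this page documents.
# Baseline values are taken from the page; the dependency short names are assumptions.
$baseline = @{
    Name      = 'PolicyAgent'
    StartMode = 'Auto'           # page: Startup type Automatic
    State     = 'Running'        # page: Service status Started
    StartName = 'LocalSystem'    # page: Log On As LocalSystem
    DependsOn = @('RpcSs', 'Tcpip')
}

$findings = @()
$svc = Get-WmiObject -Class Win32_Service -Filter "Name='$($baseline.Name)'"

if (-not $svc) {
    $findings += "Service $($baseline.Name) is not installed"
} else {
    # Startup type, run state and logon account must match the documented defaults.
    foreach ($prop in 'StartMode', 'State', 'StartName') {
        if ($svc.$prop -ne $baseline[$prop]) {
            $findings += "$prop is '$($svc.$prop)', expected '$($baseline[$prop])'"
        }
    }
    # The page names lsass.exe as the executable that hosts the service.
    if ($svc.PathName -notmatch '\\lsass\.exe') {
        $findings += "PathName is '$($svc.PathName)', expected lsass.exe"
    }
    # Each documented dependency must be registered and running,
    # otherwise the IPSEC service cannot start after a reboot.
    $deps = (Get-Service -Name $baseline.Name).ServicesDependedOn
    foreach ($name in $baseline.DependsOn) {
        $dep = $deps | Where-Object { $_.Name -eq $name }
        if (-not $dep) {
            $findings += "Dependency $name is not registered for the service"
        } elseif ($dep.Status -ne 'Running') {
            $findings += "Dependency $name is $($dep.Status), expected Running"
        }
    }
}

if ($findings.Count -eq 0) {
    Write-Output "PolicyAgent matches the documented defaults."
} else {
    $findings | ForEach-Object { Write-Output "DEVIATION: $_" }
}
```

A stopped or disabled PolicyAgent service means assigned IPsec policy, including the automatically created L2TP settings, is not in effect, so any deviation reported here is worth investigating.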