Policy-based security

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Policy-based security

Although stronger security methods based on cryptography have become necessary to fully protect communication, they can often greatly increase administrative overhead. To reduce overhead, IPSec uses policy-based administration.

IPSec policies, rather than application programming interfaces (APIs), are used to configure IPSec security services. The policies provide variable levels of protection for most traffic types in most existing networks.

You can configure IPSec policies to meet the security requirements of a computer, application, organizational unit, domain, site, or global corporation. You can use the IP Security Policy Management console provided in Microsoft® Windows® XP and the Windows Server 2003 family to define IPSec policies for computers through Active Directory® (for domain members) or on the local computer (for computers that do not belong to domains).