Use IPsec to protect critical servers

Contributor Tony Bradley explains how IPsec can help you prevent viruses or worms from spreading in this tip.

The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return to the main page.

Internet Protocol Security (IPsec) won't block all attack vectors. But it can protect critical systems from worms or viruses that may spread within your environment to network shares and other systems on the local area network (LAN). Use it on Windows 2000 or Windows Server 2003 systems to restrict access to those systems.

You can create IPsec policies on the critical servers, which only allow certain types of communication, or only allow communications with known IP addresses or subnets. Attempts from unauthorized systems will be blocked.

More information:

  • Article: Is IPsec on borrowed time?
  • Book excerpt: Use IPsec policies
  • Book excerpt: Use IPsec to manage connections

  • Click for the next tip in this series: Lock down user access and privileges

    Read more on Antivirus, firewall and IDS products