Opportunistic Encryption - Windows OS

Windows OS

Windows platforms have an implementation of OE installed by default. This method uses IPsec to secure the traffic and is simple to turn on. In the MMC, open "IP Security Policies on Local Computer" and edit the properties to assign the "(Request Security)" policy. This turns on optional IPsec in a Kerberos environment.

In a non-Kerberos environment, you need a certificate from a Certificate Authority (CA) that is common to any system with which you communicate securely.

Many systems also have problems when either side is behind a NAT. This problem is addressed by NAT Traversal (NAT-T), which is enabled by adding a DWORD of 2 to the registry at HKLM\SYSTEM\CurrentControlSet\Services\IPsec\AssumeUDPEncapsulationContextOnSendRule.

Using the filtering options provided in the MMC, it is possible to tailor the networking so that traffic to various domains and protocols is required, requested or permitted to use encryption.
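The NAT-T registry value described above can be audited before it is changed. The following PowerShell is an added example, not part of the original page: the function name Get-NatTraversalSetting and its parameters are hypothetical, while the key path and value name are the ones given in the text. It reports the current data and type, and writes the value only when -Fix is passed.

```powershell
# Added example. Function and parameter names are hypothetical;
# the key path and value name are the ones given in the text above.
function Get-NatTraversalSetting {
    [CmdletBinding()]
    param(
        [ValidateRange(0, 2)] [int]$Desired = 2,  # the text uses 2
        [switch]$Fix                              # write only when asked to
    )
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\IPsec'
    $name = 'AssumeUDPEncapsulationContextOnSendRule'

    if (-not (Test-Path -Path $key)) {
        Write-Warning "$key not found; nothing to audit on this host."
        return
    }

    # A missing value means the operating-system default applies.
    $item    = Get-Item -Path $key
    $current = $item.GetValue($name, $null)
    $kind    = if ($null -ne $current) { $item.GetValueKind($name) } else { $null }

    # The value only counts if it is stored as a DWORD with the desired data.
    $compliant = ($kind -eq [Microsoft.Win32.RegistryValueKind]::DWord) -and
                 ($current -eq $Desired)
    $changed = $false

    if (-not $compliant -and $Fix) {
        # Requires an elevated session; -Force replaces a wrongly typed value.
        New-ItemProperty -Path $key -Name $name -PropertyType DWord `
            -Value $Desired -Force | Out-Null
        $changed = $true
        Write-Warning 'Value written. Restart the computer for it to take effect.'
    }

    [pscustomobject]@{
        Key       = $key
        Name      = $name
        Current   = $current
        Kind      = $kind
        Compliant = $compliant
        Changed   = $changed
    }
}

Get-NatTraversalSetting          # audit only
# Get-NatTraversalSetting -Fix   # set the value to 2 if it is missing or wrong
```

Checking the value kind as well as the data catches a value that was created as a string rather than a DWORD, which looks correct in a quick inspection but is not the setting the text describes.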
