IPsec Security Guidance Now Available!Microsoft is pleased to announce the release of Server and Domain Isolation Using IPsec and Group Policy, the latest guide from Microsoft Solutions for Security. This guide is designed to support implementation of a server and domain isolation solution through all stages of the IT lifecycle, starting at the initial evaluation and approval phase and continuing through deployment, testing, and management of the completed implementation.
Server and domain isolation creates a layer of security that isolates network traffic as it moves between computers or networks. If an attacker manages to gain physical access to an organization's internal network and attempts to access a server that contains valued data assets, server and domain isolation can block access simply because the attacker's computer is not a trusted company device, even if the attacker uses a valid user account and password.
The planning chapters of this guide (Chapters 2, 3, and 4) are intended to be most helpful to the technical architects and IT professionals who will be responsible for designing a customized server and domain isolation solution for an organization. These chapters will primarily benefit those with a good technical understanding of both the technologies involved and the organization's current infrastructure.
Chapter 5 and the appendices are designed for the support staff that is responsible for creating the deployment plans for the organization's solution. Included in this guidance are a number of recommendations about the process of completing a successful server and domain isolation solution deployment as well as practical implementation steps to create a test lab environment.
Chapter 6 of this guide is intended as a reference for the support staff that is responsible for the day-to-day operations of the solution after it is implemented and fully operational. A number of operating processes and procedures highlighted in this chapter should be built into the organization's operations framework.
Chapter 7 provides information about troubleshooting an IPsec deployment. Because IPsec fundamentally affects network communications, troubleshooting information and techniques can significantly help organizations that choose to implement server and domain isolation.
Where to Find the Solution
Server and Domain Isolation Using IPsec and Group Policy is available from the Microsoft Download Center at http://go.microsoft.com/fwlink/?linkid=33947. It is also available on Microsoft TechNet at http://go.microsoft.com/fwlink/?linkid=33945.