Internet Protocols Team Blog

Microsoft.com Home

Site Map

Blogs Home

Internet Protocols Team Blog

This is the Internet Protocols team blog from Windows Networking division.

Internet Protocol Security - IPsec

Over the years, the Internet Protocols Team has worked on building IPsec (Internet Protocol Security) in to Windows. IPsec allows creation of logical secure network segments using domain isolation and server isolation. Domain isolation and server isolation significantly improve network security by shielding unmanaged computers from communicating with managed computers. Active directory and group policy provide a framework for easily deploying IPsec policies to computers in any Enterprise. Microsoft IT department has widely deployed IPsec within its own enterprise to get these network security benefits. IPsec policies can be deployed in such way that some computers would require only authentication and some require both authentication and encryption. This way sensitive data for selected computers can be completely protected using Encryption while every computer can benefit from having authentication. While IPsec has been supported since Windows 2000, Windows Vista has good improvements, such as, better UI for policy management, simplified policy support, improved load balancing and cluster support, client to DC security, user and machine health based authentication support (in addition to machine authentication support) etc. More information on IPsec can be found at the following links:

http://www.microsoft.com/ipsec

http://www.microsoft.com/sdisolation

Posted Friday, June 16, 2006 7:35 AM by SudheerD | 0 Comments

Windows Filtering Platform

One of the technologies, that the Internet Protocols team works on, is the Windows Filtering Platform. This is a new architecture and a set of APIs and system services that enables application developers to build applications, such as, firewalls and antivirus software. Firewall, anti-virus vendors and ISVs are encouraged to take advantage of these APIs instead of unconventional hooks and custom solutions based on reverse engineering the TCP/IP protocol stack. In addition to the APIs, WFP provides a way to plug-in call out modules for deep packet inspection. More information on Windows Filtering Platform can be found at the following links:

http://www.microsoft.com/whdc/device/network/WFP.mspx

http://windowssdk.msdn.microsoft.com/library/default.asp?url=/library/en-us/fwp/fwp/fwp_mgmt_functions.asp

Posted Monday, June 05, 2006 10:31 PM by SudheerD | 0 Comments

Configuring IPv6 with Windows Vista

IPv6 has been included in Windows since Windows XP - SP1. In Windows Vista, IPv6 is enabled by default. Even though the protocol is self-configuring, Windows Vista provides many tools using the UI and command line shell to configure the protocol. Here is a good recent link to "Configuring IPv6 with Windows Vista".

http://www.microsoft.com/technet/community/columns/cableguy/cg0506.mspx

Posted Wednesday, May 10, 2006 6:59 AM by SudheerD | 0 Comments

Internet Protocols Team Blog

This is a team blog used by the Internet Protocols Team to post news and information related to Internet Protocols stack shipping in Windows Operating Systems. Our team is currently working on shipping the next generation Internet Protocols stack in Windows Vista operating system. We are part of the Windows Networking team and own the following primary areas:

- IPV4, IPV6, TCPIP and related protocols

- IPSec technologies

- Windows Filtering Platform

You can find more information about these areas at the following links:

http://www.microsoft.com/technet/itsolutions/network/ipv6/default.mspx

http://www.microsoft.com/technet/itsolutions/network/ipsec/default.mspx

http://www.microsoft.com/whdc/device/network/WFP.mspx

Posted Wednesday, April 26, 2006 7:47 AM by SudheerD | 0 Comments