Educause Security Discussion mailing list archives
Re: Basic Practical IPSec Documentation?
From: Mike Lococo <mike.lococo () NYU EDU>
Date: Fri, 30 Oct 2009 16:56:18 -0400
Check out http://technet.microsoft.com/en-us/network/bb531150.aspx, especially the introductory overviews or is this the documentation you are lamenting ;-)
That is indeed the main source of my woes.
The other take home is it's not too hard if you can push out IPSEC certs to everyone using MS CA. Otherwise it's hard.
I'm actually very much pushing in the other direction. We don't have a large enterprise-wide IPSec deployment and don't expect to ever have one. However, we do recommend it as a spot fix when a couple of backend systems employ some poorly designed protocol. In this kind of situation where no system is ever going to speak IPSec to more than 1 or 2 other boxes PSK is more than adequate and it really *isn't* hard (although the UI is quite obtuse). Anyway, if I can't find something I'll likely scribble it together myself and post a follow-up to the list if/when it happens. Thanks, Mike Lococo
Current thread:
- Basic Practical IPSec Documentation? Mike Lococo (Oct 28)
- <Possible follow-ups>
- Re: Basic Practical IPSec Documentation? Chris Green (Oct 30)
- Re: Basic Practical IPSec Documentation? Mike Lococo (Oct 30)