Internet Protocol Security

Previous Topic Next Topic

IPSec Policy Agent Service

The purpose of the policy agent is to retrieve IPSec policy information and pass it to the other IPSec mechanisms that require that information to perform security services, as shown in Figure 8.5.

Figure 8.5    IPSec Policy Agent
Enlarge figure

Figure 8.5 IPSec Policy Agent

The policy agent is an IPSec service residing on each Windows 2000 computer, appearing in the list of system services. The policy agent performs the following tasks:

Retrieval of the policy occurs both at system start time, at the interval specified in the IPSec policy (if the computer is joined to a domain), and at the default Winlogon polling interval (if a joined to a domain):

The policy agent starts automatically at system start time. If there are no IPSec policies in the directory service or registry, or if the policy agent cannot connect to the directory service, the policy agent waits for policy to be assigned or activated.

© 1985-2000 Microsoft Corporation. All rights reserved.