M  E  N  U
 - Guides
 - Links
 - Tools
 - Themes


Services Utility: IPSEC Policy Agent Service

Display Name (?): IPSEC Policy Agent
Short Name (?): PolicyAgent
Executable (?): lsass.exe
Library (?): None.
Depends On (?): Remote Procedure Call (RPC)
Supports (?): None.
Description (?): Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
OS (?): 2000 Professional, 2000 Server
Startup (?):

Explanation (?):

The IPSEC policy agent service is used in managing IPSEC policies, deploying IPSEC policies, starting ISAKMP/Oakley (IKE) and controlling of the IP security driver. The IPSEC policies are obtained from an authenticated active directory at a polling interval and during logon. Clients may also manually poll an active directory using the "pupdate /target:computer" command. The service itself is used in obtaining the policy so that it can load it through the IP security driver.

IPSEC (IP Security) itself is used in encrypting packets and authenticating with secret keys through the use of public keys from IKE. This provides a very cross platform method for data security over unsecure lines. However, security is only good when the key is not compromised. This is especially useful for VPN type traffic, or any other form of IP traffic that needs security. Two forms of IPSEC exist, transport and tunnel. With transport IPSEC only the data is encrypted, but with tunnel IPSEC the header and the data are encrypted.

This service is only required if you are using IPSEC to encrypt data. For the vast majority of people this service is totally unneeded. You will only need this if you are connected to an active directory and need authenticated encryption. You can safely disable this service if you do not use it.

Please visit /tools/services/ for the complete Services utility.