Best Practices

The following are best practices from this chapter:

  • Use the EAP-TLS authentication protocol for both PPTP and L2TP connections

  • If a smartcard will be used, or if a certificate infrastructure that issues user certificates exists, use EAP-TLS.

  • Use MS-CHAP v2 and enforce strong passwords using group policy if you must use a password-based authentication protocol.

  • Use IPSec to provide per packet data authentication (proof that the data was sent by the authorized user), data integrity (proof that the data was not modified in transit), replay protection (prevention from resending a stream of captured packets), and data confidentiality (prevention from interpreting captured packets without the encryption key).

  • L2TP/IPSec connections provide ...

Get Microsoft® Exchange Server 2003 Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.