What are the way to secure server-to-client communication

**Rubeen** · 27-02-2010

How to secure server-to-client communication. I need some tips for the same. What all the terms comes in this. The most basic is the certificates which are widely used for authentication. What can be implemented for the same. Also what is needed to implement ipsec policies. The same I am trying for my server based settings.

**Shen** · 27-02-2010

Official document-based verification is used to generate an IPsec session connecting the client and the server. Every endpoint essential to provide a document to confirm its individuality. The client can also use its machine document, but the server essential to use a particular document that includes an Extended Key Usage (EKU) that confirm the server’s individuality as a DNS server. This document must be generated and configured on all local DNS servers.

**Steve123** · 27-02-2010

In accumulation to the document on the client, the client requirement also is provisioned with a root CA using which the server’s document can be corroborated. Corresponding IPsec policy essential to be arranged on both the server and the client. The use of encryption is non compulsory, but suggested. You arrange the client IPsec policy by using the NRPT. You can also arange server IPsec policy by using Windows Firewall with Advanced Security.

**Antonio1** · 27-02-2010

The appropriate of DNS Over IPsec is Used to designate whether IPsec obligation be used to prevent DNS traffic for questions belonging to the namespace. Locate the value to true will instigate the DNS client to set up an IPsec correlation to the DNS server before issuing the DNS question. And IPsec Encryption Level is Used to designate whether DNS correlations over IPsec will use encryption.If DNSOverIPsec is off, this value is disregarded.

**Milton.J** · 27-02-2010

IPsec CA is one of the term. The CA (or list of CAs) that issued the DNS server certificates for DNS over IPsec connections. When using IPsec to allow the client to trust the DNS server, the DNS client checks for the server authorization based on the server certificates issued by this CA. If not set, all root CAs in the client computer’s stores are checked. If DNSOverIPsec is off, this value is ignored.