Configure IPSec

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Time
30 minutes
Difficulty
Beginner

In this IT Pro Challenge provided by Learn on Demand Systems, you secure LAN traffic using IPSec.

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Overview

Objectives:

  1. To capture and analyze standard network ping traffic.
  2. To assign a IPsec policy in Group Policy.
  3. To refresh the Group Policy.
  4. To capture ping network traffic and verify that it was encrypted by using ESP.

Tasks:

  1. Capture and analyze ping traffic.
  2. Configure IPsec in Group Policy.
  3. Capture and view ping traffic after enabling IPsec.

Skills: Learn to use Graphical User Interface applications such as Command Prompt, Wireshark and Control Panel in Microsoft Windows 10 Operating System. Secure LAN traffic using IPSec.

Introduction: The Learn on Demand Systems' Configure IPSec is a premium Cybrary lab that trains students to learn to ping a host machine IP by using ping command on the Command Prompt and then capture as well as analyze the Ping Traffic inside Wireshark. Configuring IPSec policies in the Group Policy inside Control Panel is also demonstrated here. The Configure IPSec lab is intended for Intermediate level students and learners.

The Learn on Demand Systems' Configure IPSec Lab is aimed towards the System Administrator work profile. Upon successful completion of Learn on Demand Systems' Configure IPSec Lab, the student will be able to secure the LAN traffic using IPSec in Microsoft Windows 10 operating system. Learn on Demand Systems' Configure IPSec Lab takes 30 minutes to complete for most students.

Skills/Activity Breakdown: The Configure IPSec Lab aims at teaching students to start pinging packets from the Client machine to the Administrator machine. Also, it includes a tutorial to ping packets to specific machine IP and captures them in Wireshark Application software. The captured packets are then useful in analyzing the packet components. Ping command uses the ICMP protocol to report the host status. ICMP traffic is filtered inside the Wireshark packet capture tool, and the results of the echo requests are reviewed. A student learns proper usage of ping command as well as the Wireshark packet capture tool.

The Configure IPSec Lab also aims at teaching students to configure IPSec in Group Policy. Security enablement in all ICMP traffic is important, so students modify the Server IPSec Policy inside the Default Domain Policy. The server policy is assigned in group policy, which is refreshed at both the Client and the Server side. A student learns good usage of Kerberos default authentication mechanism in Microsoft Windows 10, which is used for Active Directory domain-joined computers.

The Configure IPSec Lab also aims at teaching students to capture and view ping traffic after the enablement of IPSec Group policy. Also, it includes a tutorial to ping ICMP packets from client to administrator machines using IPs of those machines in the ping command. A student learns good usage of analyzing the captured ESP(Encapsulating Security Payload) traffic used by IPSec to encrypt the contents of packets. Working with the ESP and IPSec, one learns that the ping traffic is not visible inside the captured packets because it is now encrypted by using ESP.

Completion of Learn on Demand Systems' Configure IPSec Lab means that the student has demonstrated the ability to use Graphical User Interface software, such as Command Prompt and Wireshark, as well as Command line utility ping to secure the LAN traffic for packets transmitted and received between the Client and Administrator connected on the same network.

Scenario: You are a system administrator for a company that uses Microsoft IIS and Windows Operating Systems. You need to set up communication between the clients and server by configuring them into an intranetwork. You will use ping command to check and map hosts connected on the network and then use Wireshark to intercept the packets. Next, you will setup IPSec Group policies as a mechanism to encrypt the entire packet flow using the ESP. Finally, you will verify the encryption of ESP by again capturing the network interface packet flow.

Environment: You will use a default installation of Microsoft Windows 10 operating system with the Server along with the GUI package installed. Privileged and Non-privileged accounts have been created for you. You will be guided through the process of adding software if necessary.

NOTE: A Guided Challenge is similar to a traditional lab, but replaces the step-by-step instructions with goals and objectives along with detailed hints, which allow students to check their work as they progress. Before you begin, please ensure you have set aside enough time to complete this challenge as you will not be able to pause, save, or return to your progress.

Learn on Demand Systems' Configure IPSec Lab is a part of the Cybersecurity: Technology and Tools Essentials - Challenge Series Learning path presented by Cybrary and the lab is created by Learn on Demand Systems.

Click on the Launch the Lab button to assess your knowledge about the Microsoft Windows 10 IPSec Group policies and Encapsulated Security Payload to secure the LAN Traffic between client and administrator.