Connection Security Rules and IPsec
Connection security rules provide encryption and authentication for network connections, adding an extra security layer beyond basic firewall filtering. These rules are particularly valuable for protecting sensitive data transmission between web servers and backend services.
Create a connection security rule for database traffic:
# Create IPsec rule for SQL Server connections (typed at a PowerShell prompt, where the
# backtick continues the line; in cmd.exe use ^ instead)
netsh advfirewall consec add rule name="Secure SQL Connection" `
endpoint1=any `
endpoint2=any `
action=requireinrequireout `
protocol=tcp `
port2=1433 `
auth1=computerkerb `
qmsecmethods=esp:sha256-aes256
# netsh consec has no enc1 switch: encryption is enforced through qmsecmethods by giving
# the ESP entry an encryption algorithm (here AES-256 with SHA-256 integrity)
# Using PowerShell (elevated prompt; NetSecurity module)
# Main mode crypto set: protects the IKE key exchange, not the SQL payload itself
$proposal = New-NetIPsecMainModeCryptoProposal -Encryption AES256 -Hash SHA256
$mmCryptoSet = New-NetIPsecMainModeCryptoSet -DisplayName "Strong Crypto" -Proposal $proposal
# A crypto set has no effect until a main mode rule references it by Name
New-NetIPsecMainModeRule -DisplayName "Strong Crypto Main Mode" -MainModeCryptoSet $mmCryptoSet.Name
# Connection security rule: require IPsec in both directions for traffic to TCP 1433
New-NetIPsecRule -DisplayName "Secure Database Traffic" `
-InboundSecurity Require `
-OutboundSecurity Require `
-Protocol TCP `
-LocalPort Any `
-RemotePort 1433
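The PowerShell rule above leaves the data-path (quick mode) crypto at its defaults and, being a connection security rule, filters nothing on its own. The following added example (my code, not from the original page) deploys the full chain on the SQL Server host: phase 1 authentication, main mode and quick mode crypto sets bound to the rule, a firewall rule that admits TCP 1433 only when the traffic arrived authenticated and encrypted, and a check of the binding. The display names, DH group 14 and the server-side port layout are assumptions.

```powershell
# Added example, not part of the original page. Run elevated on the domain-joined
# SQL Server host. All display names below are assumptions.
$ErrorActionPreference = 'Stop'

# 1. Phase 1 authentication: machine Kerberos, so only domain computers can peer.
$authProposal = New-NetIPsecAuthProposal -Machine -Kerberos
$phase1 = New-NetIPsecPhase1AuthSet -DisplayName 'SQL Machine Kerberos' -Proposal $authProposal

# 2. Main mode (IKE key exchange): AES-256 / SHA-256 / DH group 14, bound via a main mode rule.
$mmProposal = New-NetIPsecMainModeCryptoProposal -Encryption AES256 -Hash SHA256 -KeyExchange DH14
$mmSet = New-NetIPsecMainModeCryptoSet -DisplayName 'SQL Main Mode Crypto' -Proposal $mmProposal
New-NetIPsecMainModeRule -DisplayName 'SQL Main Mode' -MainModeCryptoSet $mmSet.Name `
    -Phase1AuthSet $phase1.Name | Out-Null

# 3. Quick mode (data path): ESP with AES-256 encryption and SHA-256 integrity.
#    This is the set that actually encrypts the SQL traffic; main mode crypto alone does not.
$qmProposal = New-NetIPsecQuickModeCryptoProposal -Encapsulation ESP -ESPHash SHA256 -Encryption AES256
$qmSet = New-NetIPsecQuickModeCryptoSet -DisplayName 'SQL Quick Mode Crypto' -Proposal $qmProposal

# 4. Connection security rule: require IPsec both ways for TCP 1433, bound to the sets above.
New-NetIPsecRule -DisplayName 'Secure SQL Connection (IPsec)' `
    -InboundSecurity Require -OutboundSecurity Require `
    -Protocol TCP -LocalPort 1433 -RemotePort Any `
    -Phase1AuthSet $phase1.Name -QuickModeCryptoSet $qmSet.Name | Out-Null

# 5. Firewall rule: a connection security rule only negotiates IPsec, it does not filter.
#    This inbound allow rule admits 1433 only when the packet arrived authenticated AND encrypted.
New-NetFirewallRule -DisplayName 'SQL 1433 (IPsec required)' -Direction Inbound `
    -Protocol TCP -LocalPort 1433 -Action Allow `
    -Authentication Required -Encryption Required | Out-Null

# 6. Check the binding: the rule must reference our ESP/AES-256 set, not the default one.
$boundQm = Get-NetIPsecRule -DisplayName 'Secure SQL Connection (IPsec)' | Get-NetIPsecQuickModeCryptoSet
if ($boundQm.DisplayName -ne 'SQL Quick Mode Crypto') {
    Write-Warning 'SQL IPsec rule is not bound to the AES-256 ESP quick mode set'
}
# Once a client connects, Get-NetIPsecQuickModeSA lists the live SAs negotiated for port 1433.
```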
Implement domain isolation:
# Require authentication for all connections from domain computers
# Phase 1 auth set: computer Kerberos, so only domain-joined machines can authenticate
$authProposal = New-NetIPsecAuthProposal -Machine -Kerberos
$phase1Auth = New-NetIPsecPhase1AuthSet -DisplayName "Domain Kerberos" -Proposal $authProposal
# -Phase1AuthSet takes the set's Name (its ID), not its display name
New-NetIPsecRule -DisplayName "Domain Isolation" `
-InboundSecurity Require `
-OutboundSecurity Request `
-Phase1AuthSet $phase1Auth.Name `
-RemoteAddress Any `
-Protocol Any