Security features
The IPv6 protocol for Windows incorporates Internet Protocol security (IPSec), which provides protection of IPv6 data as it is sent over the network. IPSec is a set of Internet standards that uses cryptographic security services to provide the following:
| • | Confidentiality IPSec traffic is encrypted. Captured IPSec traffic cannot be deciphered without the encryption key. |
| • | Authentication IPSec traffic is digitally signed with the shared encryption key so that the receiver can verify that it was sent by the IPSec peer. |
| • | Data integrity IPSec traffic contains a cryptographic checksum that incorporates the encryption key. The receiver can verify that the packet was not modified in transit. |
For an example of configuring IPSec for IPv6, see Using IPSec between two local link hosts
The IPv6 protocol for Windows also provides support for anonymous addresses. Anonymous addresses provide a level of anonymity when accessing Internet resources. For more information about anonymous addresses, see Anonymous address interface identifiers
Note
Related Topics
| • | IPSec in IPv6 is separate from and not interoperable with IPSec for the TCP/IP protocol. IPSec policies that are configured with the IP Security Policies or Group Policy snap-ins have no effect on IPv6 traffic. For more information about IPSec for the TCP/IP protocol, see Internet Protocol security (IPSec) IPSec in the IPv6 protocol for Windows does not support the use of data encryption for data confidentiality. IPSec in the IPv6 protocol for Windows does not support the use of Internet Key Exchange (IKE) to negotiate security associations (SAs). IPSec policies and SAs must be manually configured. |