Monday, December 4, 2006
Domain Isolation and Cima
There is a very good security professional in Microsoft called Fernando Cima. He wrote an article about the Domain Isolation strategy implemented through the use of IPSecurity, from Windows 2000 and above. There are some thing that I didn't know about, like the simpler version of the system introduced in Windows 2003 and Vista. I see this approach as a very good alternative for 802.1x, even because it can include encryption. Cima also shows how to include systems that do not support IPSEC in the system, using ISA Server as a gateway. Very clever solution.