Adding network security components to your configuration can help protect your device from external intrusion. Network security components, such as Internet Protocol Security (IPSec) and Secure Socket Layer/Transport Layer Security (SSL/TLS), can enhance security when accessing a device over the network.
In addition to adding network security components to your configuration, other precautions should be made to protect your device. Disabling unused ports, and disabling or removing unused services, such as Simple Network Management Protocol (SNMP), reduces the risk of intrusion.
The following tables show network security features and the Windows XP Embedded components that must added to support them.
Internet Protocol Security (IPSec)
IPSec verifies and authenticates IP packets.
| Required components | Key binary |
| IP Security Services | Ipsec.sys, Ipsecsvc.dll, Winipsec.dll |
SSL (Secure Socket Layer)/TLS
SSL encrypts data exchanged between systems.
| Required components | Key binary |
| Local Security Authority Subsystem (LSASS) | Schannel.dll |
| Cryptographic Network Services | Cryptnet.dll |
| Primitive: Secur32 | Secur32.dll |
| Primitive: Crypt32 | Crypt32.dll |
| Primitive: Cryptdll | Cryptdll.dll |
| Primitive: Netapi21 | Netapi32.dll |
| Netlogon/Netjoin | Netlogon.dll |
Secure RPC
Secure RPC adds security to COM+, DCOM, and RPC.
| Required components | Key binary |
| RPC Local Support | Rpcrt4.dll |
| Primitive: Secur32 | Secur32.dll |
| Primitive: AuthZ | Authz.dll |
| Secure RPC over Kerberos
Secure RPC over Negotiate Secure RPC over NTLM Secure RPC over SSL | Secur32.dll |
See Also
Add Security Features to a Run-Time Image | Wireless Networking Encryption
© 2006 Microsoft Corporation. All rights reserved.