COM and Security Packages

COM and Security Packages

Windows supports NTLMSSP (LAN Manager Security Support Provider), the Kerberos v5 authentication protocol, and the Schannel security package, which provides the PCT 1.0, SSL 2.0, SSL 3.0, and TLS 1.0 protocols. Also supported is Snego, which checks for available security packages and selects the most appropriate one.

The following table shows the levels of authentication supported by the various security packages.

Server/Client Authentication Security Package Support

Neither can get the name of the other.


The client can authenticate the server, but not vice versa.


The client cannot discover the server, but the server can get the user ID of the client.


Mutual authentication: Both the client and server can know the name of the other, if permission is granted.

NTLMSSP (locally), Kerberos v5 protocol, and Schannel


For more information about these security packages, see the following topics in this section:

Related topics

Security in COM



Community Additions

© 2015 Microsoft