Network Security Components

Adding network security components to your configuration can help protect your device from external intrusion. Network security components, such as Internet Protocol Security (IPSec) and Secure Socket Layer/Transport Layer Security (SSL/TLS), can enhance security when accessing a device over the network.

In addition to adding network security components to your configuration, other precautions should be made to protect your device. Disabling unused ports, and disabling or removing unused services, such as Simple Network Management Protocol (SNMP), reduces the risk of intrusion.

The following tables show network security features and the Windows XP Embedded components that must added to support them.

Internet Protocol Security (IPSec)

IPSec verifies and authenticates IP packets.

Required componentsKey binary
IP Security ServicesIpsec.sys, Ipsecsvc.dll, Winipsec.dll

SSL (Secure Socket Layer)/TLS

SSL encrypts data exchanged between systems.

Required componentsKey binary
Local Security Authority Subsystem (LSASS)Schannel.dll
Cryptographic Network ServicesCryptnet.dll
Primitive: Secur32Secur32.dll
Primitive: Crypt32Crypt32.dll
Primitive: CryptdllCryptdll.dll
Primitive: Netapi21Netapi32.dll

Secure RPC

Secure RPC adds security to COM+, DCOM, and RPC.

Required componentsKey binary
RPC Local SupportRpcrt4.dll
Primitive: Secur32Secur32.dll
Primitive: AuthZAuthz.dll
Secure RPC over Kerberos

Secure RPC over Negotiate

Secure RPC over NTLM

Secure RPC over SSL


See Also

Add Security Features to a Run-Time Image | Wireless Networking Encryption

© 2006 Microsoft Corporation. All rights reserved.