Multi-vendor interoperability for virtual private networking is essential in today's networking environment due to the nature of business acquisitions, the need to extend corporate networks to contractors and partners, and the diverse equipment within company networks. To ensure customers have an open solution, Microsoft Windows Server 2003-based VPN technology is based on industry standards. By supporting IETF industry standards, Microsoft delivers a VPN solution that will work with other standard-compliant devices or software systems, helping to lower the cost and complexity of supporting proprietary solutions. Customers who use standards-based technology are not locked into any given vendor's proprietary implementations. Microsoft supports the IETF efforts to standardize VPN technology. To date, two major technologies are IETF standards: o Layer Two Tunneling Protocol (L 2 TP) -a combination of PPTP and Cisco's Layer 2 Forwarding, which evolved through the IETF standards process.
o Internet Protocol Security (IPSec) -an architecture, protocol, and related Internet Key Exchange (IKE) protocol, which are described by IETF RFCs 2401-2409. The combination of these technologies is described in RFC 3193, an IETF Proposed Standard. In addition to IETF standards-track technologies, Microsoft supports PPTP, created by the PPTP Industry Forum (US Robotics [now 3 Com], 3 Com/Primary Access, Ascend, Microsoft, and ECI Telematics. ) PPTP is a published informational RFC (RFC 2637) and has many companies shipping third-party implementations. For advanced security requirements, IPSec has emerged as a key technology. However, IPSec tunnel mode by itself does support legacy authentication methods, tunnel IP address assignment and configuration, and multiple protocols-all critical requirements for remote access VPN connections.
To provide a truly interoperable solution, Windows Server 2003 uses L 2 TP in combination with IPSec to provide an interoperable, secure VPN solution. L 2 TP has broad vendor support, particularly among the largest network access equipment providers, and has verified interoperability in a series of vendor-sponsored testing events. By placing L 2 TP as payload within an IPSec packet, communications benefit from the standards-based encryption, integrity and replay protection of IPSec, while also benefiting from the user authentication, tunnel address assignment and configuration, and multi-protocol support of PPP-based tunneling. This combination is commonly referred to as L 2 TP/IPSec.