It’s your friendly neighborhood Microsoft Security Advisor, back with more tricks to keep your network safe. Despite your best efforts to protect your data, unencrypted network protocols might still be used. We show you how to use IPsec and SMB protection to create a web of protection around your information.

Let’s start with some theoretical background about public key role separation. An important step in designing and implementing our public infrastructure is that reminding the groups or users who will manage it, and here, I would like to point out that we should always use active director groups when we are talking about security managing certification authorities that are member of active director, because it is much easier from management perspective. This design step determines the security of your public infrastructure, so please don’t treat it lightly.