1.4 Relationship to Other Protocols

The Group Policy: IP Security (IPsec) Protocol Extension depends on the Group Policy: Core Protocol [MS-GPOL] to read and write IPsec policy ( [RFC2401], [RFC2402], [RFC2406], [RFC2410], and [RFC2411]) on applicable Group Policy Objects (GPOs). The administrative plug-in for this protocol uses LDAP [RFC2251] to read and write protocol-specific data. The protocol also relies on the DC locator operation (see [MS-NRPC] section 3.5.4.3, "DC Location Methods") to locate a server from which to download the policy. These relationships are illustrated in this section.

The Group Policy IPsec Protocol Extension also uses the Internet Security Association and Key Management Protocol (ISAKMP), ([RFC2407] and [RFC2408]), OAKLEY ([RFC2412]), and Internet Key Exchange (IKE), as defined in [RFC2409] and [RFC3947].

The following figure illustrates the relationship of the Group Policy: IP Security (IPsec) Protocol Extension to other protocols and the DC locator process.

Protocol relationship diagram

Figure 5: Protocol relationship diagram