Applies To: Windows Server 2008
Information protection technologies in Windows Server 2008 can be used to secure data that is stored on a computer or on the network, and data that is being transmitted across the network or public Internet. In addition, these technologies can be used to manage who has the right to view this data.
The following Windows Server 2008 features can be used to protect data and to manage permission to view that data.
BitLocker Drive Encryption
Windows BitLocker Drive Encryption (BitLocker) uses encryption and system integrity checking to help protect the operating system and data stored on your computer. BitLocker is a feature in the Windows Vista Enterprise and Ultimate operating systems and an optional component in the Windows Server 2008 operating system.
Encrypting File System
Encrypting File System (EFS) is an information protection feature that enables a user to encrypt files stored on NTFS volumes. EFS can be used and managed on a single computer, or implemented and managed for large groups of users. EFS in Windows Vista and Windows Server 2008 includes improvements in manageability and support for storing encryption keys on smart cards.
Active Directory Rights Management Services
Active Directory Rights Management Services (AD RMS) is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use. AD RMS can be deployed in a wide variety of scenarios, from single-server deployments to complex topologies.
Active Directory Certificate Services
Active Directory Certificate Services (AD CS) is an identity, access control, and information protection technology that allows you to create and manage public key certificates used in software security systems that employ public key technologies. AD CS can be deployed in a wide variety of scenarios, from single-server deployments to complex topologies.
Internet Protocol Security (IPsec)
Internet Protocol security (IPsec) is a framework of open standards for protecting communications over Internet Protocol (IP) networks through the use of cryptographic security services. IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. The Microsoft implementation of IPsec is based on standards developed by the Internet Engineering Task Force (IETF) IPsec working group.