共用方式為


Network Security Components

Adding network security components to your configuration can help protect your device from external intrusion. Network security components, such as Internet Protocol Security (IPSec) and Secure Socket Layer/Transport Layer Security (SSL/TLS), can enhance security when accessing a device over the network.

In addition to adding network security components to your configuration, other precautions should be made to protect your device. Disabling unused ports, and disabling or removing unused services, such as Simple Network Management Protocol (SNMP), reduces the risk of intrusion.

The following tables show network security features and the Windows XP Embedded components that must added to support them.

Internet Protocol Security (IPSec)

IPSec verifies and authenticates IP packets.

Required components Key binary
IP Security Services Ipsec.sys, Ipsecsvc.dll, Winipsec.dll

SSL (Secure Socket Layer)/TLS

SSL encrypts data exchanged between systems.

Required components Key binary
Local Security Authority Subsystem (LSASS) Schannel.dll
Cryptographic Network Services Cryptnet.dll
Primitive: Secur32 Secur32.dll
Primitive: Crypt32 Crypt32.dll
Primitive: Cryptdll Cryptdll.dll
Primitive: Netapi21 Netapi32.dll
Netlogon/Netjoin Netlogon.dll

Secure RPC

Secure RPC adds security to COM+, DCOM, and RPC.

Required components Key binary
RPC Local Support Rpcrt4.dll
Primitive: Secur32 Secur32.dll
Primitive: AuthZ Authz.dll
Secure RPC over Kerberos

Secure RPC over Negotiate

Secure RPC over NTLM

Secure RPC over SSL

Secur32.dll

See Also

Add Security Features to a Run-Time Image | Wireless Networking Encryption

Last updated on Wednesday, October 18, 2006

© 2006 Microsoft Corporation. All rights reserved.