Black Viper
Black Viper

IPsec Policy Agent

 

General Information

None at this time

Windows 8

Default Description

Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool “netsh ipsec”. If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.

Additional Information

None at this time.

Default Startup Type

OS SP0
Windows 8 x86 Manual (Trigger Start)
Windows 8 x64 Manual (Trigger Start)
Windows 8 Pro x86 Manual (Trigger Start)
Windows 8 Pro x64 Manual (Trigger Start)
Windows 8 Enterprise x86 Manual (Trigger Start)
Windows 8 Enterprise x64 Manual (Trigger Start)

Service Names

Service Name (registry): PolicyAgent
Display Name: IPsec Policy Agent

Default Path and Command Line Options

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

Log On As

Account: Network Service

Dependencies

Note: No dependencies are listed for any service in the WDP build I used to draft this information.

Windows 7

Default Description

Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool “netsh ipsec”. If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.

Additional Information

Most home networks do not use IPsec as it is used for remote VPN connections among other things.

If you use an external hardware firewall/gateway/router between your computer and the internet, do not use IPsec (VPN tunneling, etc) and Internet Connection Sharing (ICS), then this service and the following group of services can be disabled:

I highly recommend that you do not disable the Windows Firewall unless you use a different software firewall or external hardware solution, but the services listed above are all involved with each other.

Default Startup Type

OS SP0 SP1
Windows 7 Starter Manual Manual
Windows 7 Home Basic Manual Manual
Windows 7 Home Premium Manual Manual
Windows 7 Professional Manual Manual
Windows 7 Ultimate Manual Manual
Windows 7 Enterprise Manual Manual

Service Names

Service Name (registry): PolicyAgent
Display Name: IPsec Policy Agent

Default Path and Command Line Options

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

Log On As

Account: Network Service

Dependencies

What service IPsec Policy Agent needs to function properly:

What other service require IPsec Policy Agent to function properly:

  • None (S, HB, HP, P, U, E)

Windows Vista

Default Description

Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool “netsh ipsec”. If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.

Additional Information

Most home networks do not use IPsec as it is used for remote VPN connections among other things.

If you use an external hardware firewall/gateway/router between your computer and the internet, do not use IPsec (VPN tunneling, etc) and Internet Connection Sharing (ICS), then this service and the following group of services can be disabled:

I highly recommend that you do not disable the Windows Firewall unless you use a different software firewall or external hardware solution, but the services listed above are all involved with each other.

Default Startup Type

OS SP0 SP1 SP2
Vista Home Basic Automatic (Started) Automatic (Started) Automatic (Started)
Vista Home Premium Automatic (Started) Automatic (Started) Automatic (Started)
Vista Business Automatic (Started) Automatic (Started) Automatic (Started)
Vista Ultimate Automatic (Started) Automatic (Started) Automatic (Started)
Vista Enterprise Automatic (Started) Automatic (Started) Automatic (Started)

Service Names

Service Name (registry): PolicyAgent
Display Name: IPsec Policy Agent

Default Path and Command Line Options

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

Log On As

Account: Network Service

Dependencies

What service IPsec Policy Agent needs to function properly:

What other service require IPsec Policy Agent to function properly:

  • None (HB, HP, B, U)

Additional Reading