Active Policy

Monitoring the active policy

The Active Policy node of the IP Security Monitor snap-in describes the Internet Protocol security (IPsec) policy that has been applied to this computer. You cannot use the IP Security Monitor snap-in to change the policy.

Only one IPsec policy can be active at a time. The active policy is the IPsec policy that has been applied to this computer, either manually by the administrator of this computer or through the use of Active Directory Domain Services and Group Policy objects (GPOs). The active policy might be defined using Group Policy objects instead of on the computer in the IP Security Policies snap-in.

Name and Description

This is the name and description given to the policy when it was created.

Last Modified

This is the time and date (local time) when the policy was last changed.

Store

This is where the policy is stored, in the local store (on the local computer) or a domain store.

Path

This is the Active Directory Lightweight Directory Access Protocol (LDAP) pathway that describes the exact, fully-qualified location in Active Directory for the IPsec policy that has been applied to this computer. This only applies to policies stored in Active Directory Domain Services. Locally stored policies will not have this path.

Organizational Unit

This is the LDAP pathway that describes the exact, fully-qualified Active Directory Domain Services organizational unit (OU) to which the policy was applied. This only applies to policies stored in Active Directory Domain Services. Locally stored policies will not have an organizational unit.

Group Policy Object Name

This is the name of the Group Policy object and not the IPsec policy. This only applies to policies stored in Active Directory Domain Services. Locally stored policies will not have a GPO name.