WinSecWiki > Security Settings > Local Policies > Audit Policy > Audit Logon > IPsec Quick
IPsec Quick Mode
IPSec is an IP protocol that provides authentication, integrity and optionally encryption at the packet level. This subcategory records all IPSec quick mode events. Why is this subcategory under Logon/Logoff? Your guess is as good as mine.
There are additional subcategories for main mode and extended mode as well as the IPSec driver itself. You can only configure this category using auditpol.
Coverage on events generated by this category are currently in the Security Log Encyclopedia:
Back to top