The IPsec Policy Agent (PolicyAgent) service provides end-to-end security between clients and servers on TCP/IP networks, manages IPsec policy settings, starts the Internet Key Exchange (IKE), and coordinates IPsec policy settings with the IP security driver. The service is controlled by using the NET START and NET STOP commands.
IPsec operates at the Internet Protocol layer of the operating system, and it is transparent to other operating system services and applications. The service provides packet filtering, and it can negotiate security between computers on IP networks.
If the IPsec Policy Agent service stops, TCP/IP security between clients and servers on the network is impaired.
This service is installed by default and its startup type is Manual on computers running Windows Server 2008 R2 or Windows 7. When the IPsec Policy Agent service is started in its default configuration, it logs on by using the Network Service account.
The IPsec Policy Agent service is dependent upon the following system components:
- Base Filtering Engine
- Remote Procedure Call (RPC)
- DCOM Server Process Launcher
- RPC Endpoint Mapper
- TCP/IP Protocol Driver