IPsec Policy Agent (PolicyAgent) Service Defaults in Windows 10

Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Defender Firewall is not available when this service is stopped.

Default Settings

Startup type: Manual
Display name:IPsec Policy Agent
Service name:PolicyAgent
Service type:share
Error control:normal
Object:NT Authority\NetworkService
Path:%SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted -p
File:%SystemRoot%\System32\ipsecsvc.dll
Registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
Privileges:
  • SeAuditPrivilege
  • SeChangeNotifyPrivilege
  • SeCreateGlobalPrivilege
  • SeImpersonatePrivilege

Default Behavior

IPsec Policy Agent is a Win32 service. In Windows 10 it is starting only if the user, an application or another service starts it. When the IPsec Policy Agent service is started, it is running as NT Authority\NetworkService in a shared process of svchost.exe along with other services. If IPsec Policy Agent fails to start, the failure details are being recorded into Event Log. Then Windows 10 will start up and notify the user that the PolicyAgent service has failed to start due to the error.

Dependencies

IPsec Policy Agent cannot be started under any conditions, if the following services are disabled, deleted or working improperly:

Restore Default Startup Configuration of IPsec Policy Agent

Before you begin doing this, make sure that all the services on which IPsec Policy Agent depends are configured by default and function properly. See the list of dependencies above.

1. Run the Command Prompt as an administrator.

2. Copy the command below, paste it into the command window and press ENTER:

sc config PolicyAgent start= demand

3. Close the command window and restart the computer.

The PolicyAgent service is using the ipsecsvc.dll file that is located in the C:\Windows\System32 directory. If the file is removed or corrupted, read this article to restore its original version from Windows 10 installation media.