IPsec Policy Agent (PolicyAgent) Service Defaults in Windows 8

Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.

Default Settings

Startup type: Manual
Display name:IPsec Policy Agent
Service name:PolicyAgent
Service type:share
Error control:normal
Object:NT Authority\NetworkService
Path:%SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted
File:%SystemRoot%\System32\ipsecsvc.dll
Registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
Privileges:
  • SeAuditPrivilege
  • SeChangeNotifyPrivilege
  • SeCreateGlobalPrivilege
  • SeImpersonatePrivilege

Default Behavior

IPsec Policy Agent is a Win32 service. In Windows 8 it will not be started until the user starts it. When the IPsec Policy Agent service is started, it runs as NT Authority\NetworkService in a process of svchost.exe, sharing it with other services. If IPsec Policy Agent fails to start, the error details are added to Windows 8 error log. When the operating system startup is complete, the user is being notified that the PolicyAgent service hasn't been started.

Dependencies

IPsec Policy Agent can't start, if any service from the list below is disabled or not available:

Restore Default Startup Configuration of IPsec Policy Agent

Before you begin doing this, make sure that all the services on which IPsec Policy Agent depends are configured by default and function properly. See the list of dependencies above.

1. Run the Command Prompt as an administrator.

2. Copy the command below, paste it into the command window and press ENTER:

sc config PolicyAgent start= demand

3. Close the command window and restart the computer.

The PolicyAgent service is using the ipsecsvc.dll file that is located in the C:\Windows\System32 directory. If the file is removed or corrupted, read this article to restore its original version from Windows 8 installation media.