Q: How secure is the Distributed File System-Replication (DFSR) protocol? DFSR can be used in Windows Server 2008 for replicating System Volume (Sysvol) data between Windows domain controllers. I want to know whether DFSR encrypts the data it transports across the wire.

A: Unlike other file-related transport protocols, Microsoft designed DFSR from the start with data security on the Internet and WANs in mind. DFSR communication is always encrypted. DFSR always uses authenticated and encrypted remote procedure calls (RPCs) over TCP to replicate data. It's not possible to disable DFSR's use of authenticated and encrypted RPCs.

For more information on DFSR security, see Microsoft's DFS-R specification or the "DFS Replication: Frequently Asked Questions" TechNet page.