IPsec Policy Agent (PolicyAgent) Service Defaults in Windows 10

Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped.

Default Settings

Startup type:Manual
Display name:IPsec Policy Agent
Service name:PolicyAgent
Service type:share
Error control:normal
Object:NT Authority\NetworkService
Path:%SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted
File:%SystemRoot%\System32\ipsecsvc.dll
Registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
Privileges:
  • SeAuditPrivilege
  • SeChangeNotifyPrivilege
  • SeCreateGlobalPrivilege
  • SeImpersonatePrivilege

Default Behavior

IPsec Policy Agent is a Win32 service. In Windows 10 it is starting only if the user, an application or another service starts it. When the IPsec Policy Agent service is started, it is running as NT Authority\NetworkService in a shared process of svchost.exe along with other services. If IPsec Policy Agent fails to start, the failure details are being recorded into Event Log. Then Windows 10 will start up and notify the user that the PolicyAgent service has failed to start due to the error.

Dependencies

IPsec Policy Agent cannot be started under any conditions, if the following services are disabled, deleted or working improperly:

Restore Default Startup Configuration for IPsec Policy Agent

1. Select your Windows 10 edition and release, and then click Download.

2. Save the Win10_PolicyAgent_Service_Startup.cmd file to a local storage device.

3. Run the saved file as an administrator.

4. Restart the computer.

The PolicyAgent service is using the ipsecsvc.dll file that is located in the %WinDir%\System32 folder. If the file is changed, damaged or deleted, you can restore its original version from Windows 10 installation media.