Microsoft Server 2008 R2 Group Policies & Network Policy and Access Services.


Agenda
- Group Policies
- Network Policy and Access Services

Group Policies
Using Group Policies to harden Windows 7
- The following will outline several methods to secure a network environment using Group Policies
- Microsoft doc defining settings to harden Windows 7

Group Policies
Computer Configuration (CC) > Privacy settings
- Interactive logon: Do not display last user name
CC > Security Settings
- Shutdown: Allow system to be shut down without having to log on
- Network security: Do not store LAN Manager hash value on next password change
  This security setting determines whether, at the next password change, the LAN Manager (LM) hash value for the new password is stored. The LM hash is relatively weak and prone to attack compared with the cryptographically stronger Windows NT hash. Because the LM hash is stored on the local computer in the security database, passwords can be compromised if the security database is attacked.

Group Policies
- Network access: Do not allow storage of credentials or .NET Passports for network authentication
  This security setting determines whether Credential Manager saves passwords and credentials for later use when it gains domain authentication. If you enable this setting, Credential Manager does not store passwords and credentials on the computer.
- Removable Disks: Deny write access
- Internet Explorer
  - Disable context menu: ensures that users cannot access other features that have been disabled
  - Disable customizing buttons
  - Disable Internet Options tabs
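The Computer Configuration security options named above each land in a registry value, so a host can be checked for them directly. The script below is an added example, not part of the original presentation; the expected values are an assumed hardened baseline, since the slides list the settings without stating how each should be set.

```powershell
# Added example: compare local registry values with the policy settings named on the slides.
# "Expected" is an assumed hardened baseline, not a value taken from the presentation.
$checks = @(
    @{ Policy = 'Interactive logon: Do not display last user name'
       Path   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
       Name   = 'DontDisplayLastUserName'; Expected = 1 },
    @{ Policy = 'Shutdown: Allow system to be shut down without having to log on'
       Path   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
       Name   = 'ShutdownWithoutLogon'; Expected = 0 },
    @{ Policy = 'Network security: Do not store LAN Manager hash value on next password change'
       Path   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Name   = 'NoLMHash'; Expected = 1 },
    @{ Policy = 'Network access: Do not allow storage of credentials for network authentication'
       Path   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Name   = 'DisableDomainCreds'; Expected = 1 }
)

function Test-HardeningSetting {
    param([hashtable]$Check)
    # A missing value means the policy was never applied; report it instead of throwing.
    $item   = Get-ItemProperty -Path $Check.Path -Name $Check.Name -ErrorAction SilentlyContinue
    $actual = if ($item) { $item.($Check.Name) } else { $null }
    $shown  = if ($null -eq $actual) { 'not set' } else { $actual }
    New-Object PSObject -Property @{
        Policy    = $Check.Policy
        Value     = $Check.Name
        Expected  = $Check.Expected
        Actual    = $shown
        Compliant = ($null -ne $actual) -and ($actual -eq $Check.Expected)
    }
}

$checks | ForEach-Object { Test-HardeningSetting $_ } |
    Select-Object Policy, Value, Expected, Actual, Compliant |
    Format-Table -AutoSize -Wrap
```

A compliant NoLMHash value only governs hashes written at the next password change, as the slide says, so accounts whose passwords have not changed since the policy was applied still need a reset.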

Group Policies
- Control Panel Access
  - Prevent access
- Windows Explorer
  - Do not move deleted files to the Recycle Bin
  - Hide these specified drives in My Computer
- Start menu and taskbar
  - Hide the notification area
  - Lock the Taskbar
- System
  - Prevent access to registry editing tools
  - Prevent access to the command prompt

Group Policies Controlling applications Application Control Policies Software Restriction Policies

Group Policies
AppLocker requirements
- Works on Windows 7 and newer
- Only available on 7 Enterprise and Ultimate… not Pro
- Application Identity service must be running.
- Add default rules to prevent stepping on “required” services

Group Policies AppLocker Add default rules Create new rule
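The reason for adding default rules before enforcing AppLocker can be checked against an exported policy. The following is an added example, not from the presentation: the policy XML is constructed, the function name is hypothetical, and the two required paths are the Windows and Program Files paths that AppLocker's default rules allow for the Exe, Script and Dll collections.

```powershell
# Added example (not from the presentation). Constructed policy: the Exe collection
# is enforced without the default path rules; Script is audit-only and has them.
$sampleXml = @'
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="Enabled">
    <FilePathRule Id="00000000-0000-0000-0000-000000000001" Name="Constructed LOB app"
        Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="C:\Apps\*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
  <RuleCollection Type="Script" EnforcementMode="AuditOnly">
    <FilePathRule Id="00000000-0000-0000-0000-000000000002" Name="Windows folder"
        Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="00000000-0000-0000-0000-000000000003" Name="Program Files folder"
        Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
'@

function Test-AppLockerDefaultRules {
    param([xml]$Policy)
    $required = '%WINDIR%\*', '%PROGRAMFILES%\*'   # paths covered by the default rules
    foreach ($rc in $Policy.AppLockerPolicy.RuleCollection) {
        $type = $rc.GetAttribute('Type')
        if (('Exe', 'Script', 'Dll') -notcontains $type) { continue }
        $xpath   = "FilePathRule[@Action='Allow']/Conditions/FilePathCondition"
        $allowed = @($rc.SelectNodes($xpath) | ForEach-Object { $_.GetAttribute('Path') })
        $missing = @($required | Where-Object { $allowed -notcontains $_ })
        $mode    = $rc.GetAttribute('EnforcementMode')
        New-Object PSObject -Property @{
            Collection   = $type
            Enforcement  = $mode
            MissingPaths = ($missing -join ', ')
            AtRisk       = ($mode -eq 'Enabled') -and ($missing.Count -gt 0)
        }
    }
}

# Live host: Import-Module AppLocker; [xml]$p = Get-AppLockerPolicy -Effective -Xml
# and confirm the Application Identity service: (Get-Service AppIDSvc).Status
Test-AppLockerDefaultRules -Policy ([xml]$sampleXml) |
    Select-Object Collection, Enforcement, MissingPaths, AtRisk | Format-Table -AutoSize
```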

Group Policies Software Restriction Policies Similar to AppLocker, works on XP and later

GPO Questions

Network Policy and Access Services
Routing and Remote Access Service (RRAS), pronounced “R-Razz”
- Formerly Remote Access Service in NT 4.0
- Bundled to compete with Novell's NetWare Connect
- Now included as a role in Network Policy and Access Services

Network Policy and Access Services
First we must know some routing information
TCP adds more to IP to allow the concepts of connection
- Handshaking: 3 way handshake. SYN, SYN/ACK, SYN
- Sequencing: ensures that no two bytes are repeated or sent out of sequence
- Flow control: keeps traffic flowing without having to wait and take up too much memory.
- Error indication: an application that closes unexpectedly can be signaled to its communicating partner with a reset
- Ports: each IP address has 131,070 ports. Similar to extensions for a phone number
- Socket
  - Port (both local and foreign)
  - IP Address (both local and foreign)
  - Protocol (TCP/UDP)

Network Policy and Access Services Routing un-routable addresses? NAPT—Network address/port translator. One external IP address for several internal private IP addresses. This router would look beyond the IP layer into the TCP/UDP layer and use the IP address and port to map connections. This is also referred to as Port Address Translation (PAT)
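The mapping a NAPT router keeps can be modelled as two lookup tables keyed on protocol, address and port, the same fields the earlier slide lists for a socket. This is an added example, not part of the presentation; the addresses, the starting port and the function names are constructed for illustration.

```powershell
# Added example: a toy NAPT table. All addresses and ports are constructed.
$ExternalIp      = '203.0.113.10'   # the single external address
$script:NextPort = 50000            # next free external port (assumed pool start)
$script:Out      = @{}              # "proto|insideIp|insidePort" -> external port
$script:In       = @{}              # "proto|externalPort"        -> inside endpoint

function Add-OutboundFlow {
    param([string]$Proto, [string]$InsideIp, [int]$InsidePort)
    $key = "$Proto|$InsideIp|$InsidePort"
    if (-not $script:Out.ContainsKey($key)) {
        # First packet of a new flow: allocate an external port and record both directions.
        $port = $script:NextPort
        $script:NextPort++
        $script:Out[$key] = $port
        $script:In["$Proto|$port"] = "${InsideIp}:$InsidePort"
    }
    # The packet leaves with the external address and the mapped port as its source.
    "${ExternalIp}:$($script:Out[$key])"
}

function Resolve-InboundPacket {
    param([string]$Proto, [int]$ExternalPort)
    $key = "$Proto|$ExternalPort"
    # Replies match an existing mapping; anything else has no inside host to go to.
    if ($script:In.ContainsKey($key)) { $script:In[$key] } else { 'DROP (no mapping)' }
}

Add-OutboundFlow tcp 192.168.1.20 51515   # first inside host
Add-OutboundFlow tcp 192.168.1.21 51515   # same inside port, different host
Add-OutboundFlow udp 192.168.1.20 51515   # same host and port, different protocol
Add-OutboundFlow tcp 192.168.1.20 51515   # existing flow reuses its mapping
Resolve-InboundPacket tcp 50001           # reply to the second flow
Resolve-InboundPacket tcp 3389            # unsolicited inbound connection attempt
```

Because the table is keyed on protocol as well as address and port, the TCP and UDP flows from the same inside socket get separate external ports, and an inbound packet that matches no entry is not forwarded.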

Network Policy and Access Services Viewing and troubleshooting our routing tables Route print

Network Policy and Access Services
Viewing and troubleshooting our routing tables
Commands: add using route and netsh
route add mask metric 100
route add / metric 100 (same as above)
Netsh interface ipv4 add route /16 “Local Area Connection”
Route del
Netsh interface ipv4 delete route /8 “Local Area Connection”

Network Policy and Access Services
Two functions:
- Accepting inbound calls
  - Universal gateway to your network
  - Same functionality as if they were attached to the LAN, although slower.
  - Connecting one private network to another.
- Placing outbound calls (DUN)
  - Dial Up Networking
  - Internet connectivity
  - Internet gateway utilizing NAT (Network Address Translation)
  - Poor man's proxy server

Network Policy and Access Services
Accepting VPN (virtual private network) connections from remote clients
- Running a secure private network over an insecure public network (Internet).
- All clients need is an Internet connection and a valid IP address; they then establish a VPN session to the RAS server.
- The session is secure and encrypted.

Network Policy and Access Services Added as a Role in 2008 R2

Network Policy and Access Services Add supporting role features

Network Policy and Access Services After installation, you must enable Routing and Remote Access. Read all options carefully and choose based on need.

Network Policy and Access Services Determine how the remote users will be assigned IP addresses for the internal network.

Network Policy and Access Services

Configure client connection by adding a new connection in Network and Sharing Center

Network Policy and Access Services Select connection option and complete wizard on workstation

Things to consider
- How will it be utilized?
- What will be running on your DUN or VPN?
  - File-based apps versus client-server apps
  - Microsoft Access versus Microsoft SQL Server
    - Access: requests continuously query the drive after each record search.
    - SQL: a query is sent to the server from a client application, the query is run at the server, and the results are then transmitted back to the client.
- What connection will be required? RRAS supports:
  - X.25: old “cloud” technology that typically tops out at 56-64k, although reliable
  - Frame-Relay: same as X.25 but faster, single connection to cloud.
  - Modems
  - ISDN
  - Point to point…