Using RADIUS Within the Framework of the School Environment Charles Bolen Systems Engineer December 6, 2011.


What is Our Goal?
- Protect our wireless networks
  - Security
  - Liability
  - Control Bandwidth usage

What is RADIUS?
- Remote Authentication Dial In User Service
- Developed in 1991 – Mature Protocol
- Client/Server protocol running at the Application Layer

The 3 Functions of RADIUS (AAA)
- Authentication of Users or Devices BEFORE they connect to the network
- Authorization of Users or Devices for Network Usage (Access Reject or Access Accept)
- Accounting for usage of services (AAA Transaction)

Who Are the Players?
- Laptops, iPhones, iPads, Android Devices, Workstations
- Access Point, Network Switch (RADIUS Client)
- Wireless Controller (RADIUS Client)
- Network Policy Server (NPS) (RADIUS Server)
- Domain Controller (Active Directory)
- Active Directory Certificate Services
- Group Policy
- DHCP
- DNS

Required Components
- Domain Controller (2008 R2 Enterprise) (Limited functionality with 2003)
- AD Certificate Services (on 2003 Server this is simply called Certificate Services)
- Network Policy Server (on 2003 Server this is called IAS (Internet Authentication Server))
- DHCP and DNS
- Access Points that support 802.1x
  - All Cisco LWAPs and APs on WVTFS contract sold by Pomeroy
  - Additional antennas recommended for Cisco 1200 series not sold by Pomeroy if unit only has GHz and/or GHz antenna
- Cisco Wireless LAN Controller (WLC)
  - 4400 series & 5500 series
  - 2100 series supported, but only for smaller scale implementations (100 MB interface is a limiting factor)

How Do Clients Get Certificates?
Domain computers
- Group policy will push the certificates to the client
- May take up to 20 minutes (per Microsoft)
- Can speed up the process with 'gpupdate /force'
- New domain members need to be connected to the wired network when joined to the domain

How Do Clients Get Certificates?
Non-Domain members and non-MS devices
- Enter username and password for machine authentication
- Wireless LAN Controller relays authentication request to the RADIUS server
- Access is granted based on Active Directory privileges

Basic Configuration
- Configure RADIUS
  - Client component on Cisco Wireless LAN Controller
  - Server component on Network Policy Server
- Install Certificate Services
- Install Network Policy Server(s)
- Certificate Group Policy is Configured
  - Push certificates to workstations
  - Push Wireless Policy to workstations
- Create Wireless Access group, add computers
- Configure Network Policies on NPS