5.1 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 5: Planning.

Presentation transcript:

5.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft® Windows® Server 2003 Active Directory and Network Infrastructure Lesson 5: Planning Network Services

Goals
- Design the DHCP infrastructure
- Design the remote access infrastructure
- Design remote access policies

5.2 Designing the DHCP Infrastructure (Skill 1)
- Dynamic Host Configuration Protocol (DHCP)
  - A simple, but critical, service
- Functionality
  - Provides IP addressing information to client computers
  - Records the addresses leased
  - Can also be configured to notify DNS of address leases to update and maintain a Dynamic DNS (DDNS) zone

5.3 Designing the DHCP Infrastructure (4) (Skill 1)
- Number of subnets supported in the design
  - Helps determine how many scopes are required
  - Identifies how many addresses will be provided via DHCP
  - Indicates how many superscopes are required
  - Identifies the exclusions and reservations that will be required

5.4 Designing the DHCP Infrastructure (5) (Skill 1)
- RFC 1542 compliance in routers
  - To be RFC 1542-compliant, routers themselves must be capable of acting as Bootstrap Protocol (BOOTP) relay agents
  - Determines whether you require any DHCP relay agents to create a centralized DHCP design
- Number of scopes required
  - Typically determined once you examine the subnet model

5.5 Designing the DHCP Infrastructure (6) (Skill 1)
- Number of superscopes required
  - A superscope is a way of combining more than one non-contiguous IP address range into a single scope
  - Superscopes are only required when you need multiple non-contiguous subnets to be leased to a single physical subnet

5.6 Designing the DHCP Infrastructure (7) (Skill 1)
- Reservations and exclusions
  - Reservations are typically used when you do not want to manually configure each client, but you want a specific group of clients to always have the same IP address
  - Exclusions are addresses that will never be handed out by the DHCP server

5.7 Designing the DHCP Infrastructure (8) (Skill 1)
- Presence of other DHCP servers/Active Directory integration
- Active Directory server authorization
  - Windows Server 2003 and Windows 2000 Server require DHCP servers to be authorized in Active Directory before starting, which is a mechanism to disable rogue DHCP servers
  - Windows NT, Unix, and NetWare DHCP servers, as well as client systems with Internet Connection Sharing enabled, do not have this feature
  - It is important to know where the other devices on the network that may potentially function as a DHCP server are located, and to make sure that they are not configured to offer IP addresses
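Because servers that ignore Active Directory authorization can still answer clients, the inventory described above can be cross-checked on the wire. The following is an added example, not part of the original slides: it parses DHCP payloads, reads option 54 (server identifier), and reports every OFFER or ACK that comes from a server missing from an approved list. The approved list, the addresses, and the capture are constructed for illustration.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # RFC 2131: marks the start of the options field
BOOTREPLY = 2                        # op code of server-to-client messages
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255
DHCPOFFER, DHCPACK = 2, 5

def parse_options(raw):
    """Walk the code/length/value options and return {code: value}."""
    opts, i = {}, 0
    while i < len(raw) and raw[i] != OPT_END:
        if raw[i] == OPT_PAD:            # pad is a single byte with no length
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[raw[i]] = value
        i += 2 + length
    return opts

def server_reply(packet):
    """Return (message type, server identifier, offered address) or None."""
    if len(packet) < 240 or packet[0] != BOOTREPLY or packet[236:240] != MAGIC_COOKIE:
        return None
    try:
        opts = parse_options(packet[240:])
    except ValueError:
        return None                      # malformed options: not usable evidence
    mtype, sid = opts.get(OPT_MSG_TYPE, b""), opts.get(OPT_SERVER_ID, b"")
    if len(mtype) != 1 or len(sid) != 4:
        return None
    return mtype[0], ipaddress.IPv4Address(sid), ipaddress.IPv4Address(packet[16:20])

def find_unapproved_servers(packets, approved):
    """Map each responding server not on the approved list to the addresses it handed out."""
    allowed = {ipaddress.IPv4Address(a) for a in approved}
    found = {}
    for pkt in packets:
        reply = server_reply(pkt)
        if reply and reply[0] in (DHCPOFFER, DHCPACK) and reply[1] not in allowed:
            found.setdefault(str(reply[1]), []).append(str(reply[2]))
    return found

def build_message(op, mtype, offered="0.0.0.0", server=None):
    """Constructed sample data: a minimal BOOTP/DHCP message (UDP payload only)."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, 0x1234, 0, 0,
                         bytes(4), ipaddress.IPv4Address(offered).packed,
                         bytes(4), bytes(4), bytes(16), bytes(64), bytes(128))
    options = bytes([OPT_PAD, OPT_MSG_TYPE, 1, mtype])
    if server:
        options += bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server).packed
    return header + MAGIC_COOKIE + options + bytes([OPT_END])

# Constructed capture: one DISCOVER, an OFFER from an approved server, and
# an OFFER plus ACK from a host that is not on the approved list.
APPROVED = ["10.0.0.10", "10.0.0.11"]   # assumed list of authorized DHCP servers
CAPTURE = [
    build_message(1, 1),
    build_message(2, DHCPOFFER, "10.0.1.50", "10.0.0.10"),
    build_message(2, DHCPOFFER, "192.168.0.23", "192.168.0.1"),
    build_message(2, DHCPACK, "192.168.0.23", "192.168.0.1"),
]

if __name__ == "__main__":
    for server, leases in find_unapproved_servers(CAPTURE, APPROVED).items():
        print(f"unapproved DHCP server {server} handed out {sorted(set(leases))}")
```

The functions take raw DHCP payloads, so they can be fed from any capture source that exposes the UDP payload of port 67/68 traffic.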

5.8 Designing the DHCP Infrastructure (9) (Skill 1)
- Redundancy requirements
  - Generally want at least two DHCP servers hosting each scope
  - Servers do not have to be solely dedicated to DHCP
  - DHCP can be installed on file servers, print servers, and even domain controllers

5.9 Designing the DHCP Infrastructure (10) (Skill 1)
- Two basic types of DHCP infrastructure designs
  - Centralized
  - Decentralized

5.10 Designing the DHCP Infrastructure (11) (Skill 1)
- Centralized design
  - Place two or more DHCP servers in a central hub location and enable BOOTP forwarding on routers for remote DHCP-enabled subnets
  - Typically easier to administer and less costly
  - May make meeting redundancy requirements difficult

5.11 Designing the DHCP Infrastructure (12) (Skill 1)
- Decentralized design
  - Place a DHCP server on each DHCP-enabled subnet, with a backup copy of each different scope on an adjacent server
  - Requires more administrative resources
  - Requires more server resources
  - Makes achieving redundancy much easier

5.12 Figure 5-4 Reservations and exclusions (Skill 1)

5.13 Figure 5-5 Decentralized DHCP model (Skill 1)

5.14 Figure 5-6 Centralized DHCP model (Skill 1)

5.15 Designing the Remote Access Infrastructure (Skill 2)
- Remote access infrastructure design considerations
  - Type of remote access (dial-up or VPN) required
  - How many concurrent users must be supported
  - Availability requirements

5.16 Designing the Remote Access Infrastructure (2) (Skill 2)
- Type of remote access (dial-up or VPN) required
  - Determines the physical considerations of the design
  - Dial-up (POTS or ISDN): must ensure there are enough incoming lines
  - VPN
    - Ensure you have adequate Internet bandwidth
    - Ensure the encryption load can be supported

5.17 Designing the Remote Access Infrastructure (3) (Skill 2)
- Availability requirements
  - Determines the number of RAS servers required
  - Determines the configuration of RAS servers
  - If using VPNs, can use network load balancing (NLB) for maximal availability
  - If using dial-up, specialized hardware to distribute connections is typically required

5.18 Designing the Remote Access Infrastructure (4) (Skill 2)
- Hardware requirements
  - RAS is a fairly low-impact service
  - Network connectivity for the RAS server is the biggest consideration
  - When using VPNs, make sure the server's processing capability can support the encryption requirements of the connections

5.19 Designing the Remote Access Infrastructure (5) (Skill 2)
- Server placement
  - Place the RAS server and RAS connectivity as near as possible to the network resources that remote users will most commonly access
  - Placement of servers vis-à-vis the firewall is very important

5.20 Designing the Remote Access Infrastructure (6) (Skill 2)
- Authentication, authorization, and accounting (AAA)
  - RADIUS is generally a better choice than Windows Accounting
  - Provides centralization of remote access policies and accounting information

5.21 Designing the Remote Access Infrastructure (7) (Skill 2)
- Auditing and logging options
  - Enable Internet Authentication Service (IAS) logging to keep a running list of connections made to the RAS server
  - Enable logging of accounting and authentication requests
  - Audit successful and failed account logon events

5.22 Figure 5-10 Placement of a VPN server (Skill 2)

5.23 Designing Remote Access Policies (2) (Skill 3)
- Remote access policy conditions
  - Used to match a specific policy to a given user
- Available condition components
  - Authentication-Type: Matches users based on the type of authentication protocol they are using
  - Called-Station-ID: Matches users based on the phone number they dialed
  - Calling-Station-ID: Matches users based on the phone number from which they are calling

5.24 Designing Remote Access Policies (3) (Skill 3)
- Available condition components
  - Client-Friendly-Name: Defines the friendly name of the RADIUS client that is requesting use of the RADIUS server
  - Client-IP-Address: Matches the IP address of the RADIUS client that is requesting access
  - Client-Vendor: Matches the vendor of the RADIUS client
  - Day-and-Time-Restrictions: Matches the user based on the day and time they attempt to connect

5.25 Designing Remote Access Policies (6) (Skill 3)
- Remote access policy permissions
  - Used to control access
  - Set to allow or deny access
- Remote access policy profile
  - Used to restrict which remote access settings are supported
  - Settings are defined in the Edit Dial-in Profile dialog box

5.26 Designing Remote Access Policies (7) (Skill 3)
- Tabs in the Edit Dial-in Profile dialog box
  - Dial-in Constraints tab: Used to define any needed restrictions for the dial-in properties of the policy
  - IP tab: Used to define the IP properties associated with the connections to which this profile applies
  - Multilink tab: Used to define the setting applied to multilink connections for this policy

5.27 Designing Remote Access Policies (8) (Skill 3)
- Tabs in the Edit Dial-in Profile dialog box
  - Authentication tab: Used to define the authentication methods allowed by this policy
  - Encryption tab: Used to define MPPE encryption levels for the connection
  - Advanced tab: Used to define special settings to be returned from RADIUS servers to RADIUS clients

5.28 Figure 5-11 Components of a remote access policy (Skill 3)

5.29 Figure 5-12 Dial-in Constraints tab (Skill 3)

5.30 Figure 5-13 IP tab (Skill 3)

5.31 Figure 5-14 Multilink tab (Skill 3)

5.32 Figure 5-15 Authentication tab (Skill 3)

5.33 Figure 5-16 Encryption tab (Skill 3)

5.34 Figure 5-17 Advanced tab (Skill 3)