KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY IT375 Windows Enterprise Administration Course Name – IT375-01 Introduction to Network Security Instructor.

1 KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY
IT375 Windows Enterprise Administration
Course Name – IT375-01 Introduction to Network Security
Instructor – Jan McDanolds, MS, Security+
Contact Information:
- AIM – JMcDanolds
- Email: jmcdanolds@kaplan.edu
- Phone: 641-649-2980
Office Hours: Tuesday, 7:00 PM ET or Thursday, 7:00 PM ET

2 UNIT 6 REVIEW File Services and Print Services
Chapter 7:
- Discuss File Services in Windows Server 2008
- Install the Distributed File System (DFS)
- Discuss and create shared file resources
Chapter 8:
- Discuss the Windows Printer Model and how it is implemented
- Install the Print Services components of Windows Server 2008
- Deploy printers with Windows Server 2008
- Configure printers on a Windows Server 2008 network
No quiz
Any questions about File Services, DFS or Print Services?

3 UNIT 7 What is a router?
Unit 7 covers Chapter 9 – Network Policy and Access Services in Windows Server 2008
- A router is a device that holds information about the state of its own network interfaces and contains a list of possible sources and destinations for network traffic.
- A router directs incoming and outgoing packets based on source and destination information.
- In Chapter 3, routers were introduced (pg. 84). TCP/IP addresses enable routers to interconnect subnets or networks.
- Do you need a dedicated hardware router, a software-based router, or a combination of both?

4 UNIT 7 Network Policy and Access Services in Windows Server 2008
Chapter 9
- Configure routing in Windows Server 2008
- Configure Routing and Remote Access Services (RRAS) in Windows Server 2008
- Describe Network Policy Server
- Discuss wireless networking with Windows Server 2008

5 UNIT 7 Configuring RRAS as a Router
- Windows Server 2008 can act as a software-based router for small networks.
- It can also act as a DHCP relay agent.

6 UNIT 7 Configuring Routing in Windows Server 2008
Routing and Remote Access Services (RRAS)
- Only recommended for use in small networks that require simple routing directions
- Not recommended for large and complex environments
http://technet.microsoft.com/en-US/network/bb545655.aspx
- Dial-up remote access server
- Virtual private network (VPN) remote access server
- Internet Protocol (IP) router for connecting subnets of a private network
- Network address translator (NAT) for connecting a private network to the Internet
- Dial-up and VPN site-to-site demand-dial router

7 UNIT 7 Viewing local routes Open the command prompt and type route print

8 UNIT 7 Working with Routing Tables
- Routing tables are composed of routes
- Routes - direct data traffic to its destination based on the information they contain
- Routing tables - can be managed in the RRAS console or from the command line using the route command
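How a routing table picks the next hop, as an added example that is not part of the original slides: it parses a constructed sample of the IPv4 section of route print output and selects the most specific matching route, breaking ties on the lowest metric. The addresses, metrics and function names are assumptions made up for the illustration.

```python
import ipaddress

# Constructed sample of the "IPv4 Route Table" rows shown by `route print`
# (addresses and metrics are invented for this example).
ROUTE_PRINT = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.10     25
         10.0.0.0        255.0.0.0      192.168.1.2    192.168.1.10     30
        10.20.0.0      255.255.0.0      192.168.1.3    192.168.1.10     30
        10.20.0.0      255.255.0.0      192.168.1.4    192.168.1.10     10
      192.168.1.0    255.255.255.0          On-link    192.168.1.10    281
"""

def parse_routes(text):
    """Turn each table row into (network, gateway, interface, metric)."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # column header or any line that is not a route row
        dest, mask, gateway, iface, metric = parts
        network = ipaddress.ip_network(f"{dest}/{mask}")
        routes.append((network, gateway, iface, int(metric)))
    return routes

def lookup(routes, destination):
    """Choose the route for a destination: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None  # no default route and nothing more specific
    return min(matches, key=lambda r: (-r[0].prefixlen, r[3]))

def default_gateways(routes):
    """Gateways of every 0.0.0.0/0 entry; more than the expected one needs review."""
    return [r[1] for r in routes if r[0].prefixlen == 0]

if __name__ == "__main__":
    table = parse_routes(ROUTE_PRINT)
    for dst in ("10.20.5.9", "10.9.9.9", "8.8.8.8", "192.168.1.77"):
        print(dst, "->", lookup(table, dst)[1])
```

Because the most specific route always wins, a single unexpected narrow entry overrides the default gateway for that range, which is why routing tables are worth comparing against a known baseline.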

9 UNIT 7 Configuring RRAS as a Router
RRAS in Windows Server 2008 supports remote user or site-to-site connectivity by using virtual private network (VPN) or dial-up connections. RRAS consists of the following components:
- Remote Access - deploy VPN connections to provide end users with remote access to your organization's network. You can also create a site-to-site VPN connection between two servers at different locations.
- Routing - as a software router it offers routing services to businesses in local area network (LAN) and wide area network (WAN) environments or over the Internet by using secure VPN connections. Routing is used for multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and network address translation (NAT) routing services.

10 UNIT 7 Configuring Routes
Static routing is limited for the following reasons:
- Requires manual creation and management
- Should not be used on networks with more than 10 subnets
- All affected routers require reconfiguration if the network changes
Dynamic protocols
- Route traffic based on information they discover about remote networks from other routers
Routing Information Protocol version 2 (RIPv2)
- Uses partner routers, or RIP neighbors, in determining the dynamic routes it can use for forwarding packets of data

11 UNIT 7 Configuring a DHCP Relay Agent
- DHCP relay agent – Manages communication between a DHCP server and clients on subnets without a DHCP server.
- With RRAS, network adapters listen for DHCP broadcast messages
- Type netsh ? to view syntax and options

12 UNIT 7 Configuring Dial-on-Demand Routing
Demand-dial routing
- Allows a server to initiate a connection only when it receives data traffic bound for a remote network
- Can use dial-up networks instead of more expensive leased lines

13 UNIT 7 Configuring Remote Access Services
Dial-up networking
- Connects remote users to their networks using a standard phone line
Virtual Private Networks (VPN)
- Allows client connections to a network from remote locations
- Works by creating a secure tunnel for transmitting data packets between two points
VPN tunneling protocols:
- Point-to-Point Tunneling Protocol
- Layer 2 Tunneling Protocol
- Secure Socket Tunneling Protocol

14 UNIT 7 Routing and Remote Access Properties Routing and Remote Access IPv4 and IPv6

15 UNIT 7 VPN Firewall Ports Outbound and Inbound

16 UNIT 7 Network Address Translation (NAT)
NAT allows you to shield internal IP address ranges (192.168.0.0, etc.) from public networks by allowing internal clients to access the Internet through a shared IP address.

17 UNIT 7 Introduction to Network Policy Server
Network Policy Server (NPS)
- Role service that provides a framework for creating and enforcing network access policies for client health
- Can be used to:
  - Configure a RADIUS server (Remote Authentication Dial-in User Service)
  - Configure a RADIUS proxy
  - Configure and implement Network Access Protection (NAP)
NPS Console - Central utility for managing
- RADIUS clients and remote RADIUS servers
- Network health and access policies
- NAP settings for NAP scenarios
- Logging settings

18 UNIT 7 Introduction to RADIUS
RADIUS - Industry-standard protocol that provides centralized authentication, authorization, and accounting for network access devices
Components of RADIUS
- RADIUS clients
- Network access servers
- RADIUS proxy
- RADIUS server
- User account database

19 UNIT 7 RADIUS with proxy server

20 UNIT 7 RADIUS without proxy server

21 UNIT 7 RADIUS message flow EAP - Extensible Authentication Protocol

22 UNIT 7 RADIUS Server
- Used on networks to perform authentication, authorization, and accounting for RADIUS clients
RADIUS client
- Can be an NPS, which replaces the IAS from previous versions of Windows Server
RADIUS - Standardized network protocol that centralizes the following process for user connections
- Authentication
- Authorization
- Accounting
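The trust relationship between a RADIUS client and a RADIUS server, as an added example that is not part of the original slides: each reply carries a Response Authenticator computed over the packet and a shared secret (RFC 2865), and the client rejects any reply that does not verify. The secret, user name and function names are constructed for the illustration, and the request omits the credential attributes (User-Password or EAP-Message) a real Access-Request carries.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
SECRET = b"constructed-shared-secret"   # sample value, configured on both sides

def attr(attr_type, value):
    """Encode one attribute as Type, Length, Value."""
    return bytes([attr_type, len(value) + 2]) + value

def build_request(identifier, username):
    """Access-Request from the RADIUS client (the network access server)."""
    request_auth = os.urandom(16)             # random Request Authenticator
    attrs = attr(1, username.encode())        # attribute 1 = User-Name
    header = struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs))
    return header + request_auth + attrs

def build_reply(request, code, attrs, secret):
    """Reply from the RADIUS server, bound to the request and the secret."""
    header = struct.pack("!BBH", code, request[1], 20 + len(attrs))
    # Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
    digest = hashlib.md5(header + request[4:20] + attrs + secret).digest()
    return header + digest + attrs

def reply_is_authentic(request, reply, secret):
    """Client-side check of identifier, length and Response Authenticator."""
    if len(reply) < 20 or reply[1] != request[1]:
        return False
    (length,) = struct.unpack("!H", reply[2:4])
    if length != len(reply):
        return False
    expected = hashlib.md5(
        reply[:4] + request[4:20] + reply[20:] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20])

if __name__ == "__main__":
    req = build_request(7, "alice")
    reject = build_reply(req, ACCESS_REJECT, b"", SECRET)
    flipped = bytes([ACCESS_ACCEPT]) + reject[1:]   # code byte altered in transit
    print("genuine reject verifies:", reply_is_authentic(req, reject, SECRET))
    print("altered reply verifies: ", reply_is_authentic(req, flipped, SECRET))
```

The check holds only while the shared secret stays private and hard to guess, so each RADIUS client entry on the server should have its own long random secret.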

23 UNIT 7 RADIUS Proxy and NAP
NPS - Can be configured as a RADIUS proxy
RADIUS proxies
- Route RADIUS messages between RADIUS clients and RADIUS servers
Network Access Protection (NAP)
- Provides a tool for you to block external and internal network threats
- Can be broken into three parts
  - Health policy validation
  - Health policy compliance
  - Limited access

24 UNIT 7 Authentication Protocols
Supported authentication protocols:
- Extensible Authentication Protocol–Transport Layer Security (EAP-TLS)
- Protected Extensible Authentication Protocol–Transport Layer Security (PEAP-TLS)
- Protected Extensible Authentication Protocol–Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MSCHAPv2)

25 UNIT 7 Wireless Access Configuration
802.1X standard - Developed by the Institute of Electrical and Electronics Engineers (IEEE)
On 802.1X networks - Network access control provides an authentication mechanism to allow or deny network access based on port connection
Categories of EAP implementations
- EAP over local area network (LAN)
- EAP over wireless
802.1X uses a three-component model for authenticating access to networks
- Supplicant
- Authenticator
- Authentication server

26 UNIT 7 Wireless Configuration 802.1X authentication process

27 UNIT 7 Unit 7 Part A - Assignment Part A – Complete nine Chapter 9 labs.

28 UNIT 7 Unit 7 Part B - Assignment Part B – Synopsis of Windows Server 2008 Essay

