access points See wireless APs (access points)
access tier 8
account lockout 360, 402–403, 422
accounting
configuring IAS RADIUS server 366
described for IAS 321
optimizing for IAS 341
security for remote site connectivity 486
Active Directory
adding router user accounts to groups 524
authorizing DHCP servers 84
choosing user accounts 496
configuring for WLAN 580
configuring remote access permissions 580
configuring user accounts and groups for remote site-to-site connections 523–524
creating groups for wireless users and computers 581
creating user accounts for routers 523
deploying for remote site-to-site connections 521
DNS zone replication 151–153, 163
groups and group policy for wireless access 556
integrated DNS zones 150–151
registering IAS server 581
wireless network policies 577
Active Directory-integrated zones 150–151
additional resources
Connection Manager deployments 466–467
DHCP deployments 110–111
dial-up networking deployments 426–427
DNS deployments 174–175
IAS deployments 373–374
IPSec deployments 309
ISA Server deployments 241
remote site connectivity 549–550
TCP/IP network design 67–68
VPN deployments 426–427
WINS deployments 211–212
wireless LAN deployments 592–593
address allocation methods 23
administrative scoping 41
administrator role, DNS 116
ADSI Edit 548
advanced customization, Connection Manager 445–447
aggregation 20–21
AH (Authentication Header) 250, 283
All ICMP Traffic IPSecfilter list 276
All IP Traffic IPSec filter list 276
anycast IPv6 addresses 54
APIPA (Automatic Private IP Addressing) 27
application directory partitions 117
application gateways 32
application server, IPSec 258
APs See wireless APs (access points)
assigning IPSec policies
client policies 305
domain-based policies 299
driver startup modes 302
GPO (Group Policy object) 299
Group Policy 297
local computer policy 301
methods for assigning policies 298
Netsh tool 304
new default container permissions 296
OU (organizational unit) 300
overview 295
persistent IPSec policy 301
precedence 297
protection during computer startup 302–304
Safe Mode with Networking 303
server policies 305
auditing IAS 321
authentication
accounting and authorization for remote site connectivity 486
computer-level for remote site connectivity 491
Connection Manager 433
IAS See authentication methods for IAS
IKE (Internet Key Exchange) 294
IPSec 250–251, 267, 284
Kerberos V5 285
methods for remote site connectivity 488–491, 543
providers for remote site connectivity 486–487, 543
public key certificates 286
user-level for remote site connectivity 488–490
VPN 380, 392–394
Windows 486
wireless LANs 571
Authentication Header (AH) 250, 283
authentication methods for IAS
access servers 366
described 321
optimization 341
overview 314
performance 338
protocols supported 354–357
RADIUS clients and servers 361
specifications for common policies 349
wireless security risks 335
authoritative DNS server 118
authorization
DHCP servers in Active Directory 84
IAS described 321
IAS remote client access 346
security for remote site connectivity 486
wireless LANs 571
autoconfiguration for wireless LANs 576
autoenrollment for wireless LANs 576
Automatic Private IP Addressing (APIPA) 27
auto-static updates for remote site connectivity
configuring 539
overview 503
availability
DHCP servers 77–81
DNS servers 143–144
IAS servers 339
ISA Server 225–231
remote access servers 404
TCP/IP networks 32–35
WINS 184–188