|
cabling
in test labs, 31
upgrade considerations, 10, 28–29
cache pollution, 406
cached IPSec policy, 748
caching name servers, 374
callback security, 513
Calling Line Identification (CLI), 317
Canonical name (CNAME), 343
CAs. See certification authorities (CAs)
case-sensitivity, 359
CDPs (CRL Distribution Points), 886–887
central processing unit (CPU), 80, 425, 445
See also processors
centralization, 13–14
certificate revocation list, 911
See also Delta Certificate Revocation Lists (Delta CRLs)
Certificate Services
for CA creation, 71–75
installation of, 873–875
process of, 872–873
certificate templates
enrollment/distribution of, 887–892
version 2 of Server 2003, 868
certificate trust list (CTL), 883
certificates
application, 870
CA security and, 129
data in, 71
digital, 868–870
machine, 870
placing CA on VLAN for, 503
requests, 892–895
revocation, 886–887
smart cards for remote access, 514
user, 497, 870, 896
uses for, 69, 70–71
Certificates MMC snap-in, 497–499
certificates, PKI
auto-enrollment deployment, 895–896
enrollment/distribution of, 887
requests, 892–895
role-based administration, 896–897
templates, 887–892
certification authorities (CAs)
certificate revocation, 886–887
Certificate Services and, 71–75
certificates, 70–71
function of, 69
hierarchy, planning, 881–884, 911
needs analysis, 881
overview of, 862, 870–872, 907
placing on VLAN, 503
Public Key Infrastructure and, 69–70
securing, 129
security, 885
types of, 881–883
certification authorities (CAs), PKI
configuring, 876–880
implementing, 875–876
Certification Authority snap-in, 876, 907
Certification Revocation List (CRL), 71
chaining, 72
Challenge Handshake Authentication Protocol (CHAP), 509–511
change and configuration management framework, 830, 850
change-only replication, WINS, 428
CHAP (Challenge Handshake Authentication Protocol), 509–511
child domain
delegating authority to, 347
DNS and AD, 361–362
records in stub zone, 365–366
classful addressing, 173–175
Classless Interdomain Routing (CIDR)
IP address ranges listed with, 213
overview of, 180–181
supported protocols, 202
CLI (Calling Line Identification), 317
client
access, 669
configuring to retrieve updates with SUS, 843–844
defining subtype on, 809–810
restricting remote access by configuration, 524
support of VPN protocols, 496
client access only (public network), 663, 667–668
client compliant encryption level, 131
Client IPSec policy, 732–733
client-server connection, 301
Clone Principal tool, 31
Cluster Administrator tool, 653–654, 676–677
cluster configuration log file security, 669
cluster groups, 642–643
cluster IP address, 679
Cluster IP Addresses window, 694
cluster nodes
failure, recovery from, 657
hub-and-spoke replication model and, 436
for WINS performance, 445
cluster service account, 668–669
Cluster.exe, 654, 655–656
clustering
described, 15
server fault tolerance with, 624
See also Network Load Balancing (NLB); server clustering
clusters
ASR backups on, 614
backup of, 602
data arrangement and, 566
CMAK. See Connection Manager Administration Kit (CMAK)
CN (common name), 73
CNAME (Canonical name), 343
colon (:), 216
command-line utilities
backups with, 604
for maintaining/monitoring DNS servers, 416–417
for scheduling, 197
with Windows Server 2003, 82
command prompt, 219
common name (CN), 73
compatws template, 95
components
CA, installation of, 894
hot swappable, 625
IPSec Policy Agent, 724–725
network, 568–570
of PKI, 867–868
computer accounts security, 797–798
computer certificates, 497–499
computer clock synchronization, 825–826
conditional forwarding
design configuration for, 384–386
for disjointed namespace, 365
function of, 374–375
server configuration for, 370
confidentiality, 863–864
Configure Your Server Wizard
for application server configuration, 76–77
for domain controller installation, 59
server roles applied with, 54
steps of, 55–57
for Web server configuration, 67
Web server role not offered by, 139
Connection Manager
CMAK, using, 319–324
defined, 513
in NAQC, 524
Quarantine control and, 514
security issues, 324–325
summary of, 326, 327
Connection Manager Administration Kit (CMAK)
configuration options of, 328
custom actions, 323–324
custom help, 324
defined, 513–514
installing/running, 319–320
security issues, 324–325
service profiles, 323
using, 320–323
VPN support by, 324
connections
controlling remote connections, 525–528
dial-in remote access, 488, 489–495
remote access, managing, 513–514
restricting remote access by, 521–523
VPN remote access, 488–489, 495–500
wireless remote access, 500–505
connectivity devices, 236–245
consistency checking, 448–449
constrained delegation, 800
contention, disk access, 562
context strings, 234
controller. See disk controller
convergence
of NLB cluster, 680, 687
of RIP routers, 228
convergence time
factors that affect, 427
replication models and, 435
convert.exe, 120
copy backup, 596
cost, 16, 114
See also Total Cost of Ownership (TCO)
counters. See performance counters
counting to infinity, 228–229
CPU. See central processing unit (CPU)
CRL (Certification Revocation List), 71
CRL Distribution Points (CDPs), 886–887
CRL updates, 129
cross-domain relationships, 791–792
cross-forest relationships, 793–795
cross trust, CA, 871, 883
cryptography
overview of, 866–867
PKI, 864–866
cryptology, 863
CTL (certificate trust list), 883
custom actions, 323–324
custom help file, 324
custom security templates, 131–134
|