Introduction

In times gone by, it was considered safe practice to build a castle with a moat, drawbridge, and very high walls to keep your enemies out. If business was to be done in your land, a visitor would have to enter the castle under guard, show or claim credentials or services, and then be allowed in to do business.

Things haven't changed much. In today's corporate network, the same basic procedures are still in place as were utilized in the past. The only real change is that networks are much more complex and at risk than any castle ever was. It is for this reason that as you plan and design your network, you must know how to analyze potential holes and pitfalls for security and implement a network security strategy to stop these potential problems. One of the key goals of this chapter is to do just that: to help you learn how to secure remote access to your network.

In the interconnected business environment of today, businesses cannot survive as isolated kingdoms. The trend is for companies to integrate, merge, as well as buy and sell each other. During any one of these processes, the likelihood that you will need to implement a secure remote access solution is extremely high.

First, this chapter looks at how Microsoft provides Routing and Remote Access Service (RRAS) solutions. You also learn how to plan a routing strategy. Routing is the process of moving packets from one network to another. To route efficiently , you need to know how to properly configure RRAS for routing. To do this, you need to identify which routing strategy you may need (static versus dynamic routing) and what protocols you want to use. You also need to understand what multicast traffic is and how to plan routing for it.

Of course, RRAS is good for more than just simple routing; its primary function is to provide remote access connectivity for your network. Unfortunately, just providing remote access is no longer good enough; you have to take steps to secure it as well. You need to know how to plan remote access policies with Windows Server 2003, analyze protocol security requirements, plan authentication methods for your remote access clients , as well as plan and modify a network topology and integrate all these items into your overall network solution.

Of course, planning, implementing, and securing do not constitute all of your work; you will undoubtedly spend some time troubleshooting your solution both during its implementation and also after this point. Being able to identify the right troubleshooting tool for the job will make this process quicker and more efficient for you, thus bringing back critical business services to your network in a timely fashion. Some of the tools you need to become familiar with include the route , tracert , ping , pathping , and netsh commands and the Network Monitor.