O BJECTIVES Planning and implementing network security methods do not end after you've implemented the security solutions discussed previously in Chapter 1, "Planning and Implementing Server Roles and Server Security." You still must ensure a handful of other issues are taken care of before your network is to be considered secure. Secure, however, is a relative term and one that is defined by the business and organizational requirements in place in your organization. Microsoft defines the network security portion of the "Planning, Implementing, and Maintaining Routing and Remote Access" objective and the "Planning and Maintaining Network Security" objective as follows : Plan secure network administration methods. -
In today's distributed computing world, no longer can administrators easily or efficiently travel to all locations within an organization. The ability to remotely assist users and administer computers in real time gives administrators much more flexibility and offers them a means to better care for their network. Plan security for wireless networks. Configure network protocol security. Configure security for data transmission. Plan security for data transmission. Plan for network protocol security. -
IP Security (IPSec) is the de facto standard for security network transmissions in both heterogeneous and homogenous network environments. IPSec can be used to provide secure network connections, both internal to your network and external to your network. IPSec operates in two modes, transport and tunnel, depending on where the endpoints in a communication lie in relation to each other. IPSec is fully supported in Windows Server 2003, and three preconfigured IPSec policies are supplied to get you going quickly. It is important for you to understand not only how to implement and configure IPSec for this exam, but also for you to secure your network as well. Troubleshoot security for data transmission. Tools might include the IP Security Monitor MMC snap-in and the Resultant Set of Policy (RSoP) MMC snap-in. -
Unfortunately, nothing works right all the time; IPSec is no exception. Using improperly configured IPSec policies is a quick way to bring all normal network traffic to a screeching halt. Windows Server 2003 provides the IP Security Monitor and the Resultant Set of Policy snap-in to monitor and troubleshoot IPSec- related traffic issues. O UTLINE Introduction Planning Secure Remote Administration Methods Remote Assistance Configuring Remote Assistance Policies Sending and Managing Remote Assistance Requests Using Remote Assistance Remote Assistance Security Concerns Remote Desktop for Administration (RDA) RDA Security and Management Issues Planning Wireless LAN ( WLAN ) Security Planning Security for Data Transmission Understanding the Architecture and Components of IPSec Authentication Header (AH) Encapsulating Security Protocol (ESP) Internet Security Key Association Key Management Protocol (ISAKMP/Oakley) L2TP and IPSec Configuring and Implementing IPSec Creating Customized IPSec Policies Monitoring and Troubleshooting IPSec The IP Security Monitor MMC Snap-in The Resultant Set of Policy (RSoP) MMC Snap-in General IPSec Troubleshooting Chapter Summary Apply Your Knowledge Exercises Review Questions Exam Questions Answers to Review Questions Answers to Exam Questions Suggested Readings and Resources S TUDY S TRATEGIES -
Become familiar with the concepts of Remote Assistance and Remote Desktop for Administration. Not only will these two new technologies save you time and trouble in your daily job, but they also are very important on this exam. -
Set up two computers ”preferably both Windows Server 2003, but one can be a Windows XP Professional computer ”to practice sending and accepting Remote Assistance requests. -
Set up two computers ”preferably both Windows Server 2003, but one can be a Windows XP Professional computer ”to practice using Remote Desktop for Administration. -
If you have a wireless LAN at your disposal, be sure to create and implement a WLAN security policy. -
Carefully work your way through the material discussing the component parts of an IPSec policy. Practice creating and implementing an IPSec policy between two computers on your network. -
Get your hands dirty. The Step by Steps throughout this book provide plenty of directions and exercises, but go beyond these examples and create some of your own. If you can, experiment with each of the objectives to see how they work and why you would use each one. |