Summary

In this chapter, you learned about the various vulnerabilities that are present when transmitting data on networks and how to protect your Windows Server 2003 network against threats. We showed you what protocols are available for authentication on a Windows Server 2003 network and discussed the strengths and weaknesses of each one. You will need to focus on CHAP, MS-CHAPv2, and EAP as the main protocols used for authentication on Windows Server 2003.

After you authenticate, you will need to worry about the security of the information you are sending across your network. When designing a solution for transmitting data, you need to consider eavesdropping and manipulation of the packets. These types of attacks can be avoided by encrypting and signing the packets with technologies like IPSec or PPTP.

You can combine an encryption technology like IPSec with a protocol to negotiate the authentication protocol like L2TP. A combination like L2TP/IPSec or PPTP with PPP encryption is the basis for creating a Virtual Private Network (VPN). A VPN allows you to create a secure connection over an insecure network like the Internet or a wireless connection.

With regard to the security design principles in connecting to a partner organization, we discussed aspects of the various methods you can use to connect to the organization and the authentication and data security problems you will encounter. This included using demand-dial and VPN technology to connect to another organization.

Wireless networks also present a problem when it comes to securing the transmission of data and controlling authentication to the network. You learned how to use the SSID and WEP to begin to secure access points and then how you could use 802.1x to provide for stronger and more manageable authentication and encryption through RADIUS and certificates obtained through your public key infrastructure.