Index_R

R

RA (registration authority), 70

radio frequency (RF), 801

RADIUS

access server, 318

client, configuring WAP as, 503–504

IAS of, 308–318

remote access policies and, 515

RRAS server and, 512

server in EAP authentication, 804–805

for wireless authentication, 501

RAID, 566, 620

RAID 0, 620

RAID 0+1, 623–624

RAID 1, 621–622

RAID 5, 622–623

RAID array, 445

RAID controller, 659

RAM (random access memory). See memory (RAM)

random deployment option, 652–653

ranges, private address, 214

RC4 encryption algorithm, 802, 815

RDC (Remote Desktop Connection), 753

Read Group Membership permission, 784

readers, smart card, 899

recovery

key, 868

overview of, 593–594

root CAs and, 885

strategy, 628

recovery agent, 884

Recovery Console, 120

recursion

disabling for DNS security, 404, 406

disabling for DoS attack protection, 407

by DNS server, 348

nonrecursive servers, 375

troubleshooting host name resolution and, 455

recursive query

defined, 473

in DNS name resolution process, 348–349

of DNS server, monitoring, 416

test, 413

red X, 107

redirection attack

causes of, 406

prevention with static entries, 439

on WINS, 450

redundancy

fault tolerance and, 618

proxy server, 620

with server hardware, 624–625

referral answer, 351

referral zone, WINS, 403–404

registration authority (RA), 70

Registry

editing, 755

function of, 94

keys, auditing, 821–822

regulations, 26–27

relative ID master, 60

relative IDs (RIDs), 60

Remote Access Policies, 494–495

remote access policies

creating, 515–528

with IAS, 309

included in NAQC, 524

for router-to-router VPN, 306

summary of, 531

for VPN connection, 500

for wireless connections, 502–503

remote access policies, creating

authorizing remote access, 516–520

controlling remote connections, 525–528

policies/profiles, 515–516

restricting remote access, 520–525

remote access profile

controlling remote connections, 525–528

function of, 515

Remote Access Quarantine Agent service (RQS.EXE), 524

remote access strategy

analyzing organizational needs, 487

analyzing user needs, 487

authentication methods for, 508–512

callback security for, 513

connections, managing, 513–514

data encryption level for, 512–513

dial-in access design considerations, 489–495

domain functional level and, 505–508

in general, 486

Network Access Quarantine control, 514

remote access policies, creating, 515–528

remote access types to allow, 487–489

smart cards for, 514

summary of, 529–531

VPN design considerations, 495–500

wireless remote access design considerations, 500–505

remote access types, 487–489

remote access/VPN server role, 57

remote administration, 668

remote connections, 525–528

Remote Desktop Connection (RDC), 753

remote management, NLB, 683–684, 691

Remote Procedure Call (RPC), 683–684

removable storage, 22

renaming tool, 85–86

rendom.exe (domain rename utility), 86

renewal interval, 447

replication

of domain controllers, 59

linked value replication, 89

PDC emulator and, 61

WINS server deployment and, 424

replication partnership

accepting with WINS, 424

configuration, 428–434

summary of, 466–467

troubleshooting, 459–460

replication, WINS, 427–437

change-only replication, 428

convergence time factors, 427

multihomed WINS server and, 440

push vs. pull replication, 474

replication models, 434–437

replication partnership configuration, 428–434

summary of, 466–467

troubleshooting, 459–460

report, backup, 604

Request Security IPSec policy, 733

requester, 807

requests, certificate, 892–895

Require Security IPSec policy, 733

Reservations button, 295

reset account lockout counter after setting, 826

resource cluster groups, 642–643

resource records (RRs)

components of, 342–344

DNS namespace design and, 357–358

DNS server capacity and, 371

domains vs. zones, 345–348

function of, 341

multiple namespaces and, 363–364

secure updates and, 389–390

update with DNS/DHCP interaction, 387–389

resources, physical, 194

Respond Only IPSec policy, 732–733

restore

ASR, 613, 614

from backup, 605–607

of cluster servers, 657

WINS database, 452

See also recovery

Restore to Alternate Location feature, 601

Restore Wizard, 603–604

Restricted Groups, 94

restriction of remote access, 520–525

Resultant Set of Policy (RSoP)

defined, 713

for Group Policy modeling, 4

IPSec planning with, 765–768

XP IPSec policies and, 752

reverse lookup records, 401–402

reverse lookup zones

creating, 356

described, 352

security considerations for, 353

update with DNS/DHCP interaction, 387–389

reversible encryption, 825

revocation, certificate, 886–887

RF (radio frequency), 801

RIDs (relative IDs), 60

ring replication model, 434–435

RIP. See Routing Information Protocol (RIP)

RIP version 1 (RIPv1), 226, 227

RIP version 2 (RIPv2), 226–227, 252–255

risk, 91–92

Rivest, Ron, 802, 864

rogue router, 227

rogue servers, 126

rogue WLANs, 812

role-based administration, 896

roles, 27

See also server roles

root CAs

capabilities of, 911

overview of, 872

security and, 129, 885

at top of hierarchy, 72

root hints file, 349–350

root zone, 367–368

rootsec template, 96

round robin, 456

routable protocols, 238

route add command, 251–252

route command, 170

route entry, 217–218

route table, 168–169

routed connections

advantages of, 289

hardware/software routers, 289–290

IP addressing for, 290

summary of, 326

router

components of, 259

defined, 222

function of, 244–245

hardware/software routers, 289–290

setting up Windows Server 2003 as, 245–257

router-to-router VPNs

connection types for, 303–304

on demand/demand-dial connections, 304–306

described, 263

persistent connections, 306

remote-access policies, 306

Windows Server 2003 as, 267–268

routes

minimizing number of, 260

types of, 216–217

routing, 150

Routing and Remote Access console

managing NAT from, 294

for troubleshooting routing, 271

VPN connections with pre-shared keys, 763

Routing and Remote Access Server Setup Wizard

configuring VPN server with, 302–303

installing NAT with, 292–293

for Windows 2003 Server as static router, 248–249

Routing and Remote Access Service (RRAS)

configuring OSPF, 255–257

configuring RIPv2 on router, 252–255

configuring Windows 2003 Server as static router, 246–251

EAP and, 905

IAS integration with, 309

packet-filtering methods of, 279

Routing and Remote Access Service (RRAS) server

activating IAS authentication for, 310–312

assigning IP addresses with, 490–491

authentication methods for, 512

restricting authentication methods in, 525

routing problems and, 274–275

supports multiple functions, 328

Routing Information Protocol (RIP)

as distance-vector protocol, 225

OSPF benefits over, 229–230

problems with, 275, 276

RIP router process, 228–229

RIP v1/v2, 226–227

routing options, 236–245

bridges, 240–242

connectivity devices, selecting, 236–237

hubs, 239–240

OSI model review, 237–239

routers, 244–245

switches, 242–244

routing protocols

distance-vector/link-state protocols, 225–226

dynamic routing and, 221

minimizing number of, 260–262

Open Shortest Path First, 229–233

problems with, 274–276

Routing Information Protocol, 226–229

routing security, 257–270

IPSEC security features/process, 257–258

logging level, 269–270

network topology, simplifying, 259–262

packet filtering/firewalls, 268–269

router-to-router VPNs, 263–268

routing components, requirements for, 259

summary of, 278

routing strategy

evaluating routing options, 236–245

gateways, 222–225

IP addresses, 213

IP version 6, 215–216

NAT components, 214–215

netsh commands, 233–236

routing concept, 212

routing protocols, 225–233

routing tables, 216–220

security, 257–270

static vs. dynamic routing, 220–222

troubleshooting IP routing, 270–276

Windows Server 2003 as router, 245–257

routing tables

configuration problems, 276

defined, 216

route entry component parts, 217–218

rows, 220

types of routes, 216–217

viewing, 219

rows, 220

RPC (Remote Procedure Call), 683–684

RQS.EXE, 524

RRAS. See Routing and Remote Access Service (RRAS)

RRs. See resource records (RRs)

RSA Labs, 864

RSA technology, 864–866

RSoP. See Resultant Set of Policy (RSoP)

Run As command

for administrative server tasks, 785

to view routing table, 219