|< Day Day Up >|| |
In recent years, consumers and businesses have been adopting mobile computing and wireless networks at a breathtaking pace. The benefit to businesses is obvious: employees are more productive because they can work and stay in touch when away from their desks. In an organization that uses a virtual private network (VPN), an employee with a wireless mobile computer can even connect to corporate resources from the airport, the local coffee shop, or thousands of other wireless hot spots.
Unfortunately, wireless networks are also among the most widely exploited consumer and business technologies. If you have a wireless network in place, attackers might be able to access your network without physically entering your building. This can grant them access to your internal network resources, allow them to eavesdrop on your communications, and enable them to impersonate you when attacking other computers on the Internet.
When your wireless network is properly configured, the risks of an attacker compromising it can be dramatically reduced. Microsoft Windows Server 2003 includes several features that allow you to improve the security of your wireless networks and realize their benefits without assuming unnecessary risk. This lesson will describe these features and give you hands-on experience with configuring wireless security.
If you fulfilled the requirements for the previous chapters, you already have the necessary hardware and software configured. You can use the computers in the state they were in after completing the previous chapters, or you can install the software from scratch. To do the practices, examples, and lab exercises in this chapter, you must have:
A private network that is not connected to the Internet or any other network. This network should not have any production computers connected to it.
A wireless access point (WAP) connected to the private network.
One computer with a wired network connection. On this computer, perform a Windows Server 2003, Enterprise Edition installation with default settings. Assign the name Computer1 to this computer. Add the Domain Controller role to the computer using the default settings, and specify the domain name cohowinery.com. Configure the computer to use itself as its own primary Domain Name System (DNS) server. Then add the Application Server role. Install the Certificate Services service, and configure this computer as an Enterprise Root certification authority (CA).
One computer with a wireless network connection. On this computer, perform a Microsoft Windows XP Professional or Windows Server 2003 installation with default settings. Assign the name Computer2 to this computer. Add this computer to the cohowinery.com domain as a member computer. Configure this computer to use Computer1 as its primary DNS server. Install a wireless network interface card compatible with the WAP in Computer2, but do not configure it yet.
|< Day Day Up >|| |