150 likes | 316 Views
Week #10 Objectives: Remote Access and Mobile Computing. Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for Remote Access Configure DirectAccess for Remote Access Configure BranchCache for Remote Access. Presentation Settings.
E N D
Week #10 Objectives: Remote Access and Mobile Computing • Configure Mobile Computer and Device Settings • Configure Remote Desktop and Remote Assistance for Remote Access • Configure DirectAccess for Remote Access • Configure BranchCache for Remote Access
Presentation Settings Tools for Configuring Mobile Computer and Device Settings
Mobile Device Sync Partnerships update information about the mobile device and the host computer. What Are Mobile Device Sync Partnerships? Demo Files sent to Desktop Desktop Mobile Device Files sent to Mobile Device
What Are Remote Desktop and Remote Assistance? Remote Desktop Remote Assistance • A Windows 7 feature that enables users to connect to their desktop computer from another device • Enables administrators to connect to multiple remote servers for administrative purposes • A Windows 7 feature that enables support staff to connect to a remote desktop computer • Optionally allows for remote control of that computer • Assistance can be sought or offered
Configuring Remote Desktop Demo Configuring Remote Desktop includes setting it up on the remote computer and the host computer. • Remote Computer • Open the System Window • Select Remote Settings • In the System Properties Window select Allow Remote Assistance • Under Remote Desktop select or add the users who can connect to this computer. • Host Computer • Launch the Remote Desktop Connection • Choose Options to see the Remote Desktop configuration settings • On the General Tab, enter the remote computer’s name and your authentication credentials • Save your Connection Settings • Select preferences on the remaining Option’s tabs
What Is a VPN Connection? VPNs are point-to-point connections across a private or public network. A VPN client uses special protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server VPN connections use either Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol/Internet Protocol security (L2TP/IPsec), or Secure Socket Tunneling Protocol (SSTP) • PPTP uses Point-to-Point Protocol (PPP) for user-level authentication and Microsoft Point-to-Point Encryption (MPPE) for encryption • L2TP uses PPP authentication and IPsec encryption SSTP uses PPP framing on top of Secure Sockets Layer (SSL)
Creating a VPN Connection Creating a VPN connection in the Windows 7 system environment requires authenticated access to a Windows a VPN Server • From the Network and Sharing Center- choose to the Setup a new connection wizard or type VPN at the Windows 7 search bar • Choose Connect to a workplace – Set up a dial-up or VPN connection Create a new connection • Select your VPN server after choosing Use my Internet Connection (VPN)
What Is DirectAccess? Features • Provides users transparent access to internal network resources whenever they are connected to the Internet • Enables IT Professionals to manage remote computers outside of the office • Establishes a bi-directional connection that enables the client computer to remain current with company policies and to receive software updates • Does not require a VPN connection • Supports multifactor authentication methods • Configurable to restrict which servers, users, and individual applications are accessible
How DirectAccess Works Selected ServerFull Enterprise Network Configured using DirectAccess console or IPsec policies • IPsec session is established between the DirectAccess client and server • IPsec is not used for communications across the internal network • Enterprise internal security is unchanged • Closely resembles VPN and can be more straightforward to deploy • Deploy IPv6 and IPsec in the organization • Upgrade application servers Windows Server 2008 R2 • Enable selected server access • Allows end-to-end authentication and encryption from the DirectAccess client to internal resources Flexible configuration meets organizational security requirements
DirectAccess Requirements Requirements Deployment • Windows Server 2008 R2 with two network adapters • One domain controller and DNS server running Windows Server 2008 or Windows Server 2008 R2 • Public Key Infrastructure (PKI) • IPsec policies • IPv6 transition technologies • Windows 7 Enterprise on the client computers • Optionally, a NAT-PT device to provide IPv4 access • IPv6-over-IPsec to encrypt communications • Scalability determined number of Direct Access servers • Multiple ways to install Direct Access
BranchCache caches content from remote and Web servers in the branch location so users can quickly access the content. Cache can be hosted centrally in the branch location or distributed across user PCs. What Is BranchCache? Key benefits for IT professionals • Helps reduce WAN link utilization ü • Optimizes traffic flow between clients and servers ü • Supports commonly used network protocols ü • Supports end-to-end encryption between clients and servers ü • Provides compatibility with end-to-end security protocols ü • Remains transparent to the user ü
How BranchCache Works Distributed Cache Hosted Cache • Distributed Cache Mode • Cache is distributed across client computers • Additional client computers retrieve content from the first requesting client computer • Beneficial for branch offices that do not have a local server with Windows Server 2008 R2 Get Get Data Main Office Get • Hosted Cache Mode • Cache is on a server at the branch office • Client computers retrieve content from the branch office server • Beneficial for larger branch offices that have hardware resources for a local server with Windows Server 2008 R2 IDs Get Get Get Put Client computers are configured to use only one caching mode at a time. Data Data Data Data Data Branch Office Branch Office
BranchCache Requirements Demo Client Configuration Server Configuration • Windows Server 2008 R2 - required either in the main server location or at the branch office • Windows 7 Enterprise - required on the client PCs • Off by default • Enable and configure manually or by Group Policy • Caching mode to cooperative or hosted • Host name of hosted cache server • Set client cache size • Set cache location on disk • Firewall rules required • Not installed by default • Enable and configure manually or by Group Policy • Enable for all file shares or on a file share by file share basis • If enabled on a Web server, must be enabled for all Web sites • Hosted cache equipped with a certificate trusted by client computers suitable for TLS