1 / 20

Objectives

Objectives. Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection. Wireless Access Configuration in Windows Server 2008. 802.1x standard Developed by the Institute of Electrical and Electronics Engineers (IEEE) On 802.1x networks

tasha
Download Presentation

Objectives

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Objectives • Wireless Access • IPSec • Discuss Network Access Protection • Install Network Access Protection

  2. Wireless Access Configuration in Windows Server 2008 802.1x standard Developed by the Institute of Electrical and Electronics Engineers (IEEE) On 802.1x networks Network access control provides an authentication mechanism to allow or deny network access based on port connection WPA2-EAP (Wi-Fi Protected Authentication 2 – EAP) 2

  3. Wireless Access Configuration in Windows Server 2008 (continued) Categories of EAP implementations EAP over local area network (LAN) EAP-TLS EAP over wireless PEAP: Protected Extensible Authentication Protocol 802.1x uses a three-component model for authenticating access to networks Supplicant Authenticator Authentication server 3

  4. 4

  5. Internet Protocol Security An open-standards framework for securing network communications IPSec meets three basic goals Authentication Integrity Confidentiality 5

  6. IPSec Threats Depending on the configuration of IPSec, it provides protection from the following threats Data tampering Denial of service Identity spoofing Man-in-the-middle attacks Repudiation Network traffic sniffing 6

  7. How IPSec Works IPSec modes of operation Transport mode Tunnel mode Scenarios available when deploying IPSec Site to site Client to client Client to site 7

  8. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 8

  9. MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 9

  10. Using IPSec

  11. How IPSec Works (continued) IPSec security association modes IPSec uses the Internet Key Exchange (IKE) to negotiate security protocols IKE generates the encryption and authentication keys used by IPSec for the transaction IPSec performs transactions in two phases Main mode/Phase 1 Quick mode/Phase 2 11

  12. How IPSec Works (continued) IPSec security methods IPSec uses two security services Encapsulating Security Payload Authentication Header IPSec policies Can be managed with the following tools WFAS, IP Security Policy snap-in Netsh, GPME 12

  13. 13

  14. 14

  15. Network Access Protection • NAP can be broken into three parts • Health policy validation • Health policy compliance • Access limitation

  16. NAP Terminology • Enforcement Client • Enforcement Server • Host Credential Authorization Protocol • Health Registration Authority • Network Policy Server • Remediation Server • System Health Agent • System Health Validator

  17. NAP Enforcement Methods • The five types of NAP enforcement methods used by NAP • 802.1x-authenticated connections • Dynamic Host Configuration Protocol (DHCP) address configurations • IPSec communications • Terminal Services Gateway (TS Gateway) connections • Virtual Private Network (VPN) connections

  18. Implementing NAP • NAP • Designed by Microsoft to allow you to customize it to meet the unique needs of your networks • Implementing and configuring NAP differs from network to network based on requirements and policies

  19. Installing NAP • NAP is part of the NPS role • To install NAP components • Add the NPS role either through the Role Services Wizard or from the command line using servermanagercmd.exe

More Related