Goals
• Introduce the Windows Server 2003 family of operating systems
• Explore the features of Windows Server 2003
• Introduce Windows Server 2003 operating system architecture
• Understand workgroups and domains
• Introduce Windows Server 2003 network services
• Understand Windows Server 2003 network protocols
• Introduce Windows Server 2003 network security services
(Skill 1) Introducing the Windows Server 2003 Family of Operating Systems
Windows Server 2003 products
• Standard Edition: for small to medium-sized businesses
• Enterprise Edition: for mission-critical server workloads
• Datacenter Edition: for medium to large-sized organizations that require high levels of scalability and reliability
• Web Edition: for dedicated Web serving and hosting; also a platform for building and hosting Web applications
(Skill 1) Figure 1-1 The four main products in the Windows Server 2003 family
(Skill 2) Exploring the Features of Windows Server 2003
• Active Directory
• Network security
• Automatic installation and configuration
• Familiar appearance and easy server management
• Security from unauthorized logon
• Network protocols
• Connectivity
• Multi-lingual capabilities
• Web-based Enterprise Management (WBEM)
(Skill 2) Exploring the Features of Windows Server 2003 (2)
• Automatic detection of Plug and Play hardware devices
• Volume Shadow Copy/Restore service
• Command line management
• Intelligent File Systems
• Encrypting File System (EFS)
• Distributed File System (Dfs)
• File Replication Service (FRS)
• Microsoft Management Console (MMC)
• Group Policy and Group Policy Management Console
(Skill 2) Figure 1-2 Windows Server 2003 features
(Skill 2) Figure 1-3 File Server Management console
(Skill 2) Figure 1-4 Scheduling a Volume Shadow Copy
(Skill 2) Figure 1-5 The Group Policy Management console
(Skill 3) Overview of Windows Server 2003 Operating System Architecture
• Modular structure with each module contributing specific functionality
• Basically the same for Standard, Enterprise, Datacenter, and Web Editions
• Two primary layers
  • User mode
  • Kernel mode
(Skill 3) Overview of Windows Server 2003 Operating System Architecture (2)
User mode layer
• Consists of a set of components known as subsystems, responsible for relaying input/output requests to the appropriate kernel mode driver through the Input/Output (I/O) system services
• Environmental subsystems provide APIs
• Integral subsystems
  • Perform various functions such as the creation of security tokens and monitoring user rights and permissions
  • Run in user mode, but perform essential operating system functions
(Skill 3) Overview of Windows Server 2003 Operating System Architecture (3)
Kernel mode layer
• Operates in a protected area of memory
• Provides services to user mode subsystems, which functionally protects and isolates the hardware from the software
(Skill 3) Figure 1-6 User mode and kernel mode layers
(Skill 3) Overview of Windows Server 2003 Operating System Architecture (4)
• Kernel mode layer components
  • Executive
  • Microkernel
  • Hardware Abstraction Layer (HAL)
  • Set of kernel mode drivers
• Executive Services are responsible for performing I/O requests and object management
(Skill 3) Overview of Windows Server 2003 Operating System Architecture (5)
• Executive Services key components
  • I/O Manager
  • Security Reference Monitor
  • Interprocess Communication (IPC) Manager
  • Virtual Memory Manager (VMM)
  • Process Manager
  • Plug and Play (PnP) Manager
  • Power Manager
  • Window Manager and the Graphical Device Interface (GDI)
  • Object Manager
(Skill 3) Overview of Windows Server 2003 Operating System Architecture (6)
• Microkernel
  • Core of the operating system
  • Manages the computer’s processors
  • Handles scheduling, interrupts, exception dispatching, and CPU synchronization
• Hardware Abstraction Layer (HAL)
  • Hides the hardware interface details from the end user by acting as an interface between the user and the hardware devices
  • Handles I/O interfaces, interrupt controls, and multiprocessor communication mechanisms
(Skill 3) Overview of Windows Server 2003 Operating System Architecture (7)
• Kernel mode drivers
  • Translate I/O requests into hardware functions
  • Are modular components each with a well-defined and specific set of functionality requirements
  • Three main classifications
    • Lowest-level drivers control peripheral devices
    • Intermediate drivers are device type-specific
    • Highest-level drivers are file system drivers
(Skill 3) Figure 1-7 Components of Executive Services
(Skill 3) Figure 1-8 Classifications of kernel mode drivers
(Skill 4) Introducing Workgroup and Domains
• The Windows Server 2003 operating system supports workgroups and domains, the two basic network model types that enable users to share common resources
• A workgroup or peer-to-peer network is a logical group of computers that are interconnected, generally over a local area network (LAN)
• A domain is a logical grouping of network computers that share a central directory database
(Skill 4) Introducing Workgroup and Domains (2)
• Workgroup features
  • The administration of user accounts and resource security in a workgroup is decentralized
  • To gain access to resources on any computer in the workgroup, a user must have an account on that computer
• Workgroup limitations
  • A workgroup model is practical only in smaller environments where computers are in close proximity
  • Microsoft recommends that a workgroup consist of fewer than 10 computers
(Skill 4) Figure 1-9 Workgroup model
(Skill 4) Introducing Workgroup and Domains (3)
• Domain features
  • Active Directory database
    • Stores information about how the network is structured and organized
    • Enables users to identify and locate resources on the network
  • Domain controller
    • Windows Server 2003 computer on which Active Directory resides
    • Manages security-related aspects of user/domain interactions
(Skill 4) Introducing Workgroup and Domains (4)
• Domain advantages
  • Centralized security and administration means that a change to any object within the domain is available to the entire domain
  • Provides a single logon process for users to gain access to network resources, such as file, print, and application resources
(Skill 4) Figure 1-10 Domain model
(Skill 5) Introducing Network Services in Windows Server 2003
• Dynamic Host Configuration Protocol (DHCP)
• Domain Name System (DNS)
• Windows Internet Name Service (WINS)
• Virtual Private Networks (VPN)
• Routing and Remote Access Service (RRAS)
• Internet Authentication Service (IAS) and Load Balancing
• Internet Connection Firewall (ICF)
(Skill 5) Introducing Network Services in Windows Server 2003 (2)
• Dynamic Host Configuration Protocol (DHCP)
  • Provides the standard used by DHCP servers on the network
  • DHCP servers manage the dynamic allocation of IP addresses and the related configuration details for DHCP-enabled clients on your network
• Domain Name System (DNS)
  • Main name resolution service for Windows Server 2003
  • Enables access to computers on a TCP/IP network using the domain name
(Skill 5) Introducing Network Services in Windows Server 2003 (3)
• Windows Internet Name Service (WINS)
  • Assigns or maps an IP address to a computer name so network users can find a computer on a TCP/IP network using the NetBIOS name
  • WINS server database provides a lookup directory
• Virtual Private Networks (VPNs)
  • Provide connections to private networks, such as a LAN, through a non-secure communication channel like the Internet
  • Use tunneling and encryption to create a virtual tunnel for secure information exchange
(Skill 5) Introducing Network Services in Windows Server 2003 (4)
• Routing and Remote Access Service (RRAS)
  • Allows remote or mobile workers to connect to a firm’s networks so that they can work as if their computers were physically connected to the network
  • Workers connect to the LAN via modem or Virtual Private Network (VPN)
• IAS RADIUS and Load Balancing
  • Internet Authentication Service (IAS) is Windows Server 2003’s Remote Authentication Dial-In User Service (RADIUS) server component
  • Network Load Balancing (NLB) allows certain types of servers (mostly file/print servers and Web servers) to scale to a much larger size than would otherwise be possible
(Skill 5) Introducing Network Services in Windows Server 2003 (5)
• IAS Enhancements
  • Centralizes services for wireless users and logs information to a Microsoft SQL Server
  • Allows advanced SQL queries
  • Provides new 802.1X authentication features and cross-forest authentication
• Internet Connection Firewall (ICF)
  • Supplies basic protection on computers directly connected to the Internet or on LAN segments
  • Designed for use in a small business
(Skill 5) Figure 1-11 Networking services offered by Windows Server 2003
(Skill 5) Figure 1-12 Routing and Remote Access
(Skill 5) Figure 1-13 Internet Authentication Service
(Skill 6) Introducing Network Protocols
• Transmission Control Protocol/Internet Protocol (TCP/IP)
• Point-to-Point Tunneling Protocol (PPTP)
• Layer Two Tunneling Protocol (L2TP)
• Hypertext Transfer Protocol (HTTP)
(Skill 6) Introducing Network Protocols (2)
• Transmission Control Protocol/Internet Protocol (TCP/IP)
  • Core protocol suite used by the Internet and Windows Server 2003 networks
  • Scalable and routable transport protocol suite used for both large and small networks
  • Enables you to route messages across networks and between computers using different operating systems and with widely varying structural designs
(Skill 6) Introducing Network Protocols (3)
• Point-to-Point Tunneling Protocol (PPTP)
  • Tunneling protocol used to create secure connections to corporate networks, over any intermediate network
  • Secure connections for VPNs are created using either PPTP or Layer Two Tunneling Protocol
• Layer Two Tunneling Protocol (L2TP)
  • Another tunneling protocol used to create VPNs
  • Creates a “tunnel” but does not encrypt data
  • Use in conjunction with IPSec, which provides data encryption
(Skill 6) Introducing Network Protocols (4)
• Hypertext Transfer Protocol (HTTP)
  • Part of the TCP/IP protocol suite
  • Standard protocol used in the transmission of data across the Internet
(Skill 6) Figure 1-14 Network protocols supported by Windows Server 2003
(Skill 7) Introducing Network Security Services
• Kerberos v.5
• Hypertext Transfer Protocol (HTTP)
• Internet Protocol Security (IPSec)
• Encrypting File System (EFS)
• Internet Protocol Security (IPSec)
• Security configuration tools
(Skill 7) Introducing Network Security Services (2)
• Kerberos v.5
  • A ticket-based authentication protocol
  • Provides high security for authentication traffic using digital signatures and mutual authentication mechanisms
• Public Key Infrastructure (PKI) and Microsoft Certificate Services
  • PKI is a system of digital certificates and trusted Certification Authorities (CAs) as well as other registration authorities that issue them
  • Verifies and authenticates the validity of each party in a communication exchange
(Skill 7) Introducing Network Security Services (3)
• Internet Protocol Security (IPSec)
  • A vendor-independent encryption protocol
  • The ability to sign and/or encrypt any IP packet makes it vendor- and application-independent
• Encrypting File System (EFS)
  • Encrypts data stored in files and folders to protect against unauthorized access
  • In the EFS encryption technique, important data is secured using an asymmetrical cryptographic key pair: a public key and a private key
(Skill 7) Introducing Network Security Services (4)
• Internet Protocol Security (IPSec)
  • A vendor-independent encryption protocol
  • The ability to sign and/or encrypt any IP packet makes it vendor- and application-independent
• Security configuration tools
  • Cost reduction tools provided by Windows Server 2003
  • Include the Microsoft Management Console (MMC) used to configure Windows Server 2003 security settings and conduct system analysis
(Skill 7) Figure 1-15 Security Services provided by Windows Server 2003
(Skill 7) Figure 1-16 The SNMP Service Properties dialog box
(Skill 7) Figure 1-17 The Manage Your Server graphical user interface