Windows Server 2008 Networking and Network Access Protection (NAP)
Joseph Davies, Tony Northrup
Language: English
Pages: 848
ISBN: 0735624224
Format: PDF / Kindle (mobi) / ePub
Get the official resource for deploying, administering, and troubleshooting Windows Server 2008 networking and Network Access Protection (NAP) technologies, direct from the experts who know the technologies best. This definitive resource from award-winning Microsoft® networking author Joseph Davies and Microsoft Most Valuable Professional (MVP) author Tony Northrup also offers expert insights direct from the Windows Server Networking team at Microsoft. You get detailed information about all major networking and network security services, including the all-new Network Access Protection (NAP), authentication infrastructure, IPv4 and IPv6, remote access, virtual private networks, IP security, quality of service, scalable networking, wireless infrastructure and security, DNS, DHCP, Windows® Firewall, and more. You also get a companion DVD with a fully searchable eBook version of the book, plus eBook samples from Understanding IPv6 2nd Edition, Windows Server 2008 TCP/IP Protocols and Services, and TCP/IP Fundamentals. This official Microsoft resource delivers what every Windows administrator needs to master Windows Server 2008 networking.
Key Book Benefits
Delivers in-depth technical guidance for administering, Windows Server 2008 networking and NAP technologies
Features definitive product information from the experts, with additional insights from the Windows Server team at Microsoft and field consultants
Provides the detailed information that every Windows administrator needs about NAP, IPv4 and IPv6, remote access, virtual private networks, IP security, DNS, DHCP, Windows Firewall, and more
Includes a DVD with a fully searchable eBook of all seven volumes, plus bonus eBook samples from three additional networking books
Game AI Pro: Collected Wisdom of Game AI Professionals
Penetration Testing with Raspberry Pi
Creating E-Learning Games with Unity
Data Communications and Computer Networks: A Business User's Approach (7th Edition)
Backup & Recovery: Inexpensive Backup Solutions for Open Systems
Configuring 802.1X Access Points. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Configuring Remediation Servers on the Restricted Network . . . . . . . . . . . . 693 Configuring NAP Health Policy Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693 Configuring NAP Clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 701 802.1X Enforcement Deployment Checkpoint for Reporting Mode . . . . . . . 704 Testing
Addresses 24 1 256 25 2 128 26 4 64 27 8 32 Note that the available number of host IP addresses is actually a bit lower than indicated in Table 1-3. The highest and lowest IP addresses on a subnet (in binary, all 0s and all 1s) are reserved for broadcast messages. Additionally, the router will require at least one IP address on the subnet. Therefore, the number of IP addresses available for computers on the network is actually three lower than the theoretical number of IP addresses
renewals. However, shorter DHCP lease durations minimize the time that IP addresses remain unused when a DHCP client disconnects from the network. You must identify the ideal DHCP lease duration for every network in your organization. Before you configure your first DHCP server, you should plan your subnets, scopes, and exclusions. This section will give you the information you need to perform that planning. C03624221.fm Page 68 Wednesday, December 5, 2007 4:58 PM 68 Windows Server 2008
members. Testing IPsec Begin testing IPsec in a lab environment. Configure computers with the client side and server side of your critical applications, and verify that the lab is functional and accurately simulating the production environment. Your lab environment should have computers with each of the potential IPsec client operating systems because different operating systems support different IPsec functionality. Test application performance both with and without IPsec to verify that IPsec
supported and enabled in the advanced properties of the NIC driver; typically, layer-2 priority tagging is disabled by default. From a network stack layering perspective, it’s important to understand that Pacer.sys is an NDIS Lightweight Filter (LWF) driver and will always be inserted above a miniport driver, which will always be the lowest network software in the stack because it communicates directly with the NIC hardware. Also note that network sniffing applications like Microsoft Network
