module 8 configuring mobile computers and remote access in windows 7
TRANSCRIPT
Module 8
Configuring Mobile Computers and Remote
Access in Windows 7
Module Overview
• Configuring Mobile Computer and Device Settings
• Configuring Remote Desktop and Remote Assistance for Remote Access
• Configuring DirectAccess for Remote Access
• Configuring BranchCache for Remote Access
Lesson 1: Configuring Mobile Computer and Device Settings
• Discussion: Types of Mobile Computers and Devices
• Tools for Configuring Mobile Computer and Device Settings
• What Are Mobile Device Sync Partnerships?
• Demonstration: Creating a Sync Partnership
• Power Plans and Power-Saving Options in Windows 7
• Demonstration: Configuring Power Plans
Discussion: Types of Mobile Computers and Devices
1. How do mobile computers differ from desktops?
2. What are key end-user needs that mobile computers help resolve?
10 min10 min
Tool Features
Power Options• Updated Battery Meter
• Power Plans
Windows Mobility Center
• Key system settings collected in one place
• Display brightness, power plan, volume, wireless networking, external display settings, display orientation, and synchronization status
Windows Mobile
Device center
• Successor to Active Sync
• Synchronizes various content including music, video, contacts, calendar events, web browser favorites, and other files between Windows Mobile devices and Windows 7
Sync Center• Sync data between desktop computers, network servers, and
mobile devices
• Shows current status of all sync partnerships
Presentation Settings
• Reconfigure your computer for a presentation
• One click changes multiple settings
Tools for Configuring Mobile Computer and Device Settings
What are Mobile Device Sync Partnerships?
DesktopDesktop
Files sent to Mobile DeviceFiles sent to
Mobile Device
Mobile DeviceMobile Device
Files sent to DesktopFiles sent to Desktop
Power Plan Description
Power SaverThis plan saves power on a mobile computer by reducing system performance. Its primary purpose is to maximize battery life.
High performance
This plan provides the highest level of performance on a mobile computer by adapting processor speed to your work or activity and by maximizing system performance.
BalancedThis plan balances energy consumption and system performance by adapting the computer’s processor speed to your activity.
Method for turning a computer on or off
Data Storage State Power Needs
Sleep or Standby System State Saved to Memory Low
Hibernate System State Saved to Disk None
Shut Down All Data Saved to Disk None
Power Plans and Power-Saving Options in Windows 7
Demonstration: How to Configure a Power Plan
5 min5 min
Your instructor will demonstrate how to configure a power plan.
Lesson 2: Configuring Remote Desktop and Remote Assistance for Remote Access
•What Are Remote Desktop and Remote Assistance?
•Configuring Remote Desktop
•Demonstration: Configuring Remote Assistance
What are Remote Desktop and Remote Assistance?
Remote DesktopRemote Desktop Remote AssistanceRemote Assistance
• A Windows 7 feature that enables users to connect to their desktop computer from another device
• Enables administrators to connect to multiple remote servers for administrative purposes
• A Windows 7 feature that enables users to connect to their desktop computer from another device
• Enables administrators to connect to multiple remote servers for administrative purposes
• A Windows 7 feature that enables support staff to connect to a remote desktop computer
• Optionally allows for remote control of that computer
• Assistance can be sought or offered
• A Windows 7 feature that enables support staff to connect to a remote desktop computer
• Optionally allows for remote control of that computer
• Assistance can be sought or offered
Configuring Remote Desktop includes setting it up on the remote computer
and the host computer.
Host Computer
• Launch the Remote Desktop Connection
• Choose Options to see the Remote Desktop configuration settings
• On the General Tab, enter the remote computer’s name and your authentication credentials
• Save your Connection Settings• Select preferences on the remaining
Option’s tabs
Host Computer
• Launch the Remote Desktop Connection
• Choose Options to see the Remote Desktop configuration settings
• On the General Tab, enter the remote computer’s name and your authentication credentials
• Save your Connection Settings• Select preferences on the remaining
Option’s tabs
Remote Computer
• Open the System Window• Select Remote Settings• In the System Properties Window
select Allow Remote Assistance• Under Remote Desktop select or add
the users who can connect to this computer.
Remote Computer
• Open the System Window• Select Remote Settings• In the System Properties Window
select Allow Remote Assistance• Under Remote Desktop select or add
the users who can connect to this computer.
Configuring Remote Desktop
Demonstration: Configuring Remote Access
Your instructor will demonstrate how to:
• Request Remote Assistance
• Configure Windows Firewall to Enable Remote Administration
• Provide Remote Assistance
12 min12 min
Lesson 3: Configuring DirectAccess for Remote Access
• What is VPN Connection?
• Creating a VPN
• What is DirectAccess?
• How DirectAccess Works
• DirectAccess Requirements
VPNs are point-to-point connections across a private or public network such as the Internet. A VPN client uses special TCP/IP-based
protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server
VPNs are point-to-point connections across a private or public network such as the Internet. A VPN client uses special TCP/IP-based
protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server
What is a VPN?
PPTP uses Point-to-Point Protocol (PPP) for user-level authentication, and Microsoft Point-to-Point Encryption (MPPE) for encryption
PPTP uses Point-to-Point Protocol (PPP) for user-level authentication, and Microsoft Point-to-Point Encryption (MPPE) for encryption
L2TP uses PPP authentication and IPsec encryptionL2TP uses PPP authentication and IPsec encryption
VPN connections use either Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol/Internet Protocol security (L2TP/IPsec)
VPN connections use either Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol/Internet Protocol security (L2TP/IPsec)
Creating a VPN Connection
Creating a VPN connection in the Windows 7 system environment requires authenticated access to a Windows
a VPN Server
From the Network and Sharing Center- choose to the Setup a new connection wizard or type VPN at the Windows 7 search bar
Choose Connect to a workplace – Set up a dial-up or VPN connection Create a new connection
Select your VPN server after choosing Use my Internet Connection (VPN)
What is DirectAccess?
FeaturesFeatures
• Provides users transparent access to internal network resources whenever they are connected to the Internet
• Enables IT Professionals to manage remote computers outside of the office
• Establishes a bi-directional connection that enables the client computer to remain current with company policies and to receive software updates
• Does not require a VPN connection
• Supports multifactor authentication methods
• Configurable to restrict which servers, users, and individual applications are accessible
• Provides users transparent access to internal network resources whenever they are connected to the Internet
• Enables IT Professionals to manage remote computers outside of the office
• Establishes a bi-directional connection that enables the client computer to remain current with company policies and to receive software updates
• Does not require a VPN connection
• Supports multifactor authentication methods
• Configurable to restrict which servers, users, and individual applications are accessible
How DirectAccess Works
Selected Server Full Enterprise Network Selected Server Full Enterprise Network
Configured using DirectAccess console or IPsec policiesConfigured using DirectAccess console or IPsec policies
• IPsec session is established between the DirectAccess client and server
• IPsec is not used for communications across the internal network
• Enterprise internal security is unchanged
• Closely resembles VPN and can be more straightforward to deploy
• IPsec session is established between the DirectAccess client and server
• IPsec is not used for communications across the internal network
• Enterprise internal security is unchanged
• Closely resembles VPN and can be more straightforward to deploy
Highest level of security:
• Deploy IPv6 and IPsec in the organization
• Upgrade application servers Windows Server 2008 R2
• Enable selected server access• Allows end-to-end authentication and
encryption from the DirectAccess client to internal resources
Highest level of security:
• Deploy IPv6 and IPsec in the organization
• Upgrade application servers Windows Server 2008 R2
• Enable selected server access• Allows end-to-end authentication and
encryption from the DirectAccess client to internal resources
Flexible configuration meets organizational security requirementsFlexible configuration meets organizational security requirements
DirectAccess Requirements
Requirements
Deployment
Requirements
Deployment
• Windows Server 2008 R2 with two network adapters
• One domain controller and DNS server running Windows Server 2008 or Windows Server 2008 R2
• Public Key Infrastructure (PKI)
• IPsec policies
• IPv6 transition technologies
• Windows 7 Enterprise on the client computers
• Optionally, a NAT-PT device to provide IPv4 access
• Windows Server 2008 R2 with two network adapters
• One domain controller and DNS server running Windows Server 2008 or Windows Server 2008 R2
• Public Key Infrastructure (PKI)
• IPsec policies
• IPv6 transition technologies
• Windows 7 Enterprise on the client computers
• Optionally, a NAT-PT device to provide IPv4 access
• IPv6-over-IPsec to encrypt communications
• Scalability determined number of Direct Access servers
• Multiple ways to install Direct Access
• IPv6-over-IPsec to encrypt communications
• Scalability determined number of Direct Access servers
• Multiple ways to install Direct Access
Lesson 4: Configuring BranchCache for Remote Access
• What Is BranchCache?
• How BranchCache Works
• BranchCache Requirements
• Demonstration: Configuring BranchCache on a Windows 7 Client Computer
What Is BranchCache?
Key benefits for IT professionalsKey benefits for IT professionals
Remains transparent to the userRemains transparent to the user
Optimizes traffic flow between clients and serversOptimizes traffic flow between clients and servers
Supports commonly used network protocolsSupports commonly used network protocols
Supports end-to-end encryption between clients and serversSupports end-to-end encryption between clients and servers
Provides compatibility with end-to-end security protocolsProvides compatibility with end-to-end security protocols
Helps reduce WAN link utilizationHelps reduce WAN link utilization
Distributed Cache Mode
Cache is distributed across client computers
Additional client computers retrieve content from the first requesting client computer
Beneficial for branch offices that do not have a local server with Windows Server 2008 R2
Hosted Cache Mode
Cache is on a server at the branch office
Client computers retrieve content from the branch office server
Beneficial for larger branch offices that have hardware resources for a local server with Windows Server 2008 R2
Client computers are configured to use only one caching mode at a time.
DataData
Main OfficeMain Office
Branch OfficeBranch Office
How BranchCache Works
IDsIDs
GetGet
DataData
GetGet
DataData
GetGet
Distributed Cache
Branch OfficeBranch Office
DataData
GetGet DataData
PutPut
DataData
GetGet
GetGet
Hosted Cache
Client Configuration Server Configuration Client Configuration Server Configuration
BranchCache Requirements
• Off by default• Enable and configure manually or by
Group Policy• Caching mode to cooperative or
hosted• Host name of hosted cache server• Set client cache size• Set cache location on disk• Firewall rules required
• Off by default• Enable and configure manually or by
Group Policy• Caching mode to cooperative or
hosted• Host name of hosted cache server• Set client cache size• Set cache location on disk• Firewall rules required
• Windows Server 2008 R2 - required either in the main server location or at the branch office
• Windows 7 Enterprise - required on the client PCs
• Windows Server 2008 R2 - required either in the main server location or at the branch office
• Windows 7 Enterprise - required on the client PCs
• Not installed by default• Enable and configure manually or by
Group Policy• Enable for all file shares or on a file
share by file share basis• If enabled on a Web server, must be
enabled for all Web sites• Hosted cache equipped with a certificate
trusted by client computers suitable for TLS
• Not installed by default• Enable and configure manually or by
Group Policy• Enable for all file shares or on a file
share by file share basis• If enabled on a Web server, must be
enabled for all Web sites• Hosted cache equipped with a certificate
trusted by client computers suitable for TLS
Demonstration: Configuring BranchCache on a Windows 7 Client Computer
Your instructor will demonstrate how to:
• Configure BranchCache client-side Group Policy settings
• Enable BranchCache on a shared folder
• Configure Windows 7 client BranchCache settings
• Verify BranchCache configuration
20 min20 min
Lab: Configuring Mobile Computing and Remote Access in Windows 7
• Exercise 1: Creating a Sync Partnership
• Exercise 2: Configuring Power Options
• Exercise 3: Enabling Remote Desktop
• Exercise 4: Enabling BranchCache
Logon information:
Estimated time: 55 minutes
Lab Scenario
• The Contoso Corporation is implementing Windows 7 desktops throughout their organization. You are a help-desk technician in the Contoso Corporation. Amy Rusko is the Production manager for Contoso in the UK.
• Amy is about to visit all the manufacturing plants in the UK. Before she leaves, Amy would like you to enable and configure a sync partnership with her Windows Mobile device.
• She also wants you to configure a power plan on her laptop computer.
• In addition, she wants you to enable Remote Desktop on her office computer so she can connect to it while she’s travelling.
• Finally, users in the Slough production plant require timely access to corporate HQ files during Amy’s visit. Slough does not have a file server at present, and so you must enable BranchCache in Distributed Cache mode.
Lab Review
1. In exercise 2, you enabled the Remote Desktop feature through the firewall by editing the local firewall settings. Is there an alternative way in which you could make this change?
2. If you attempted to connect to Amy’s computer from a computer out on the Internet somewhere, what additional settings must you consider?
3. In exercise 3, you established the necessary settings to support BranchCache in Distributed cache mode. If the Slough plant installed a file server, what other way could you implement BranchCache?
Module Review and Takeaways
• Review Questions
• Common Issues
• Tools
Course Evaluation