session 11 tp 11
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 1 of 19
Session 11
Designing a Security Infrastructure
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 2 of 19
Review
Public Key Infrastructure uses Authentication and Encryption
Keys refer to a string and its corresponding algorithm
Public Key authentication uses a public key to verify the authenticity of the sender
Digital certificates map the public key to other information about the owner of the key
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 3 of 19
Review Contd…
Digital certificates are issued by a Certificate Authority
PKI components use the SSL and IPSec protocols
The CA has two root classes: enterprise and stand-alone
We can request certificates using the Certificate Request wizard or through the Certificate Services webpage
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 4 of 19
Objectives
Understand the types of software updates
Update a Network
Secure a Wireless Network
Administer a Network remotely
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 5 of 19
Types of software updates
Proper maintenance can help a network deliver trouble-free performance
For this, it is necessary to update the computers with the latest enhancements and fixes for the software
Updates for Microsoft products come mainly in the form of service packs
Other updates include bug fixes and new drivers
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 6 of 19
Updating a Network
The network administrator must carry out updating on a timely basis
While updating, the administrator must consider the following:
  Keep track of when the updates are released, and what each update does
  Computers that need updating must be identified
  It is recommended to test the downloaded updates before installation
  The process of updating computers in a large network must be automated
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 7 of 19
Baseline Security Analyzer
Graphical tool that scans Windows-based computers for missing security patches or incorrect security settings
It is not a part of Windows Server 2003, but can be downloaded from the Microsoft website
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 8 of 19
Software Update Services
Software Update Services (SUS) is a graphical tool that automates the deployment of updates on the network
SUS consists of:
  Synchronization server
  Intranet Windows Update server
  Automatic updates
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 9 of 19
Wireless Network Standards
Wireless networks, or WLANs, enable connecting previously inaccessible areas
There are three standards developed by IEEE:
  802.11b
  802.11a
  802.11g
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 10 of 19
Wireless Topologies
Topology refers to the way computers are connected using cables
Two types of topologies are:
  Ad hoc topology: Connects two or more wireless devices to form an ad hoc network among themselves
  Infrastructure topology: Enables interconnectivity between a traditional cabled LAN and its wireless counterpart
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 11 of 19
Threats to Wireless Networks
There are two main threats for a wireless network:
  Unauthorized access: Equivalent of a telephone line that has been tapped into. All the transmissions between the computers on the network may become accessible to the unauthorized user.
  Data Interception: Equivalent of stealing from a bank vault. Using suitable tools, a person may be able to capture data packets transmitted between the wireless devices and the access point.
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 12 of 19
Securing Wireless Networks
Group policies can be used to restrict user access to the network
The main ways to secure a wireless network are:
  Authentication
  Encryption
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 13 of 19
Authentication
User authentication can help prevent unauthorized access to the network
There are three systems used for authentication:
  Open System Authentication
  Shared Key Authentication
  IEEE 802.1x Authentication
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 14 of 19
Using Encryption
Encryption protects data packets from being read by unauthorized persons
Does not stop data packets from being intercepted
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 15 of 19
Administering the Network
Most Microsoft Management Console (MMC) snap-ins enable administrators to work on remote computers from their own computers
Tools to administer a network remotely include:
  Remote Assistance
  Remote Desktop
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 16 of 19
Remote Assistance
Provides help from a remote location
Enables the expert to control the computer of the user
Security features include:
  Invitations
  Interactive connectivity
  User Control
  Limited permissions
  Firewalls
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 17 of 19
Remote Desktop
Gives complete control over the remote computer
Can take place over an unmanned computer
Creates a separate session
The client needed to use Remote Desktop is included along with Windows Server 2003
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 18 of 19
Summary
Service packs combine multiple fixes into one package
Hot fixes address only a certain issue
Baseline Security Analyzer lists the updates required by the system
Software Update Services installs new updates automatically over a network
There are three wireless networking standards: 802.11b, 802.11a and 802.11g
Topology is the way computers are connected to each other
Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 19 of 19
Summary Contd…
Ad hoc topology can be formed when two wireless devices come within each other's range
Infrastructure topology enables linking wireless and wired networks
There are three ways of authentication:
  Open system
  Shared key
  IEEE 802.1x
Networks can be administered remotely using Remote Assistance and Remote Desktop