Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst...
-
Upload
judith-thornton -
Category
Documents
-
view
222 -
download
1
Transcript of Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst...
![Page 1: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/1.jpg)
Windows Network Policy Server Fundamentals
Ranjana JainMCSE, MCT, RHCE, CISSP, CIW Security AnalystIT Pro Evangelist Microsoft Indiahttp://ranjanajain.spaces.live.com
![Page 2: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/2.jpg)
• Network Policy Server Architecture and
Functionality
• Deploying and configuring Network
Access Protection (NAP)
• Monitoring NPS for High Availability
What Will We Cover?
![Page 3: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/3.jpg)
Level 300
• Understanding of network access
• Familiarity with DHCP
• Familiarity with RADIUS
Helpful Experience
![Page 4: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/4.jpg)
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
![Page 5: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/5.jpg)
The Core IO Model
CROSS-MODEL ENABLERS• Identity • Presence • Rights Management • Network Access
Desktop, Device, and Server ManagementDesktop, Device, and Server Management
Security and NetworkingSecurity and Networking
Identity and Access ManagementIdentity and Access Management
Data Protection and RecoveryData Protection and Recovery
IT Management and Security ProcessIT Management and Security Process
![Page 6: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/6.jpg)
What is Network Policy Server?
![Page 7: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/7.jpg)
NPS Authentication Process
User requests access to port
Network device asks user for credentials
Forwards credentials and connection details
Evaluates connection and forwards credentials for authentication
If policy matches, and user is authentic, access allowed
Device allows access
![Page 8: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/8.jpg)
Demonstration Environment
Internal Network192.168.16.0/20
SEA-DC-01.contoso.comWindows Server Longhorn
Domain Controller, NPS, DHCP192.168.16.2/20
SEA-WRK-001.contoso.comWindows Vista
IP Address by means of DHCP
![Page 9: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/9.jpg)
Demo
Reviewing Network Policies
Tour the NPS Console Configure NAP Server Settings Configure NAP Policies and Elements
demonstration
![Page 10: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/10.jpg)
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
![Page 11: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/11.jpg)
NetworkAccess
Requests Not Compliant
Policy Compliant
How NAP Works
Corporate Network
Restricted Network
WindowsClient
NetworkAccessDevices
NPS
ActiveDirectory
RemediationServers
HealthStatements
QA
SHA
EC QS
SHV
![Page 12: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/12.jpg)
Demo
Configuring NAP for DHCP
Enable and Configure Client Settings Configure DHCP Server Test Client Access
demonstration
![Page 13: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/13.jpg)
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
![Page 14: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/14.jpg)
Deployment Best Practices
• Install NPS on the Domain Controller
• Use RADIUS to distribute requests
• Specify RADIUS client IP addresses
• Specify permission by RAP
• Log wisely
![Page 15: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/15.jpg)
Debug Tracing Logs
RADIUS Server and Proxy
Authentication, Mapping, Validation
Policy and Quarantine Evaluation
File and Database Logging
![Page 16: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/16.jpg)
Network Monitor
Corporate Network
![Page 17: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/17.jpg)
Demo
Examining Connection Trace Logs
Examine Event Logs Examine Connection Logs
demonstration
![Page 18: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/18.jpg)
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
![Page 19: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/19.jpg)
NPS as a RADIUS Proxy
NPS RADIUSProxy Server
![Page 20: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/20.jpg)
NPS Load Balancing
![Page 21: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/21.jpg)
Demo
Configuring Load Balancing
Export Settings and Create Clone Configuration
Set Up NPS as a RADIUS Proxy
demonstration
![Page 22: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/22.jpg)
Faster Communications Fast enterprise class search on clients and serversFaster networking with new TCP/IP stack and native IPv6Improved file-sharing performance over high-latency linksIntegrated remote access to internal applications and resources
Windows Server 2008 + Windows Vista
Greater AvailabilityScalable print servers with client-side renderingTransparent offline experience with client-side cachingTransactional File System for file and registry operationsPolicy-based Quality of Service to prioritize application bandwidth
More Efficient ManagementSingle worldwide servicing modelEvent forwarding between client and serverFaster and more reliable remote operating system deploymentsNetwork Access Protection ensures health of connecting systems
![Page 23: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/23.jpg)
• NPS and NAP can be used to protect networks
• Policy rules may be extremely fine-grained
• NPS is a very flexible server application
Session Summary
![Page 24: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/24.jpg)
Visit TechNet at:
www.microsoft.com/technet
www.microsoft.com/nap
For More Information
![Page 25: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/25.jpg)
• Live Events and Online webcast Series
• My Blog: http://ranjanajain.spaces.live.com
• Chats, Newsgroups, Forums and Virtual Labs
• Local Locator for Professional User Groups
Where Else Can I Get Help?
groups.msn.com/itdelhiug
![Page 26: Windows Network Policy Server Fundamentals Ranjana Jain MCSE, MCT, RHCE, CISSP, CIW Security Analyst IT Pro Evangelist Microsoft India .](https://reader035.fdocuments.net/reader035/viewer/2022062421/56649d8c5503460f94a73259/html5/thumbnails/26.jpg)
THANK YOU