1 Chapter 11: Dial-Up Connectivity in Remote Access Designs Designs That Include Dial-Up Remote...

Post on 30-Jan-2016


1

Chapter 11: Dial-Up Connectivity in Remote Access Designs

Designs That Include Dial-Up Remote Access

Essential Dial-Up Remote Access Design Concepts

Data Protection in Dial-Up Remote Access Designs

Dial-Up Remote Access Design Optimization

2

Routing and Remote Access Introduction

- For remote access to private networking resources, you can use
  - Dial-up
  - Virtual private network (VPN)
  - Remote Authentication Dial-In User Service (RADIUS)
- Dial-up access lets you control
  - Remote access servers
  - Modem types and data rates
  - Access phone numbers
  - User accounts
  - Accessibility of private network resources
- Dial-up access uses Point-to-Point Protocol (PPP).

3

Routing and Remote Access and Microsoft Windows 2000

- A Windows 2000 feature
- Remote access client
- Remote access server

4

Remote Access Clients and Servers

5

Dial-Up Remote Access Design Review

- Amount of data transmitted
- Number of locations
- Existing modems and phone lines
- Plans for network growth
- Number of simultaneous clients
- Operating systems used by clients
- Protocols used by clients

6

Dial-Up Remote Access Design Decisions

- Integration into existing network
- Hardware requirements for servers
- Confidential data protection
- Availability to remote access users
- Optimization of network traffic

7

Dial-Up Remote Access Designs

- Use dial-up remote access to control all design aspects.
- Evaluate cost of ownership issues.
  - Number of simultaneous remote users
  - Number of locations requiring remote access
  - Monthly phone line costs
  - Initial investment in modems
  - Phone line installation
  - Ongoing support costs
- Consider outsourcing to reduce costs.

8

Number of Remote Access Servers

- Determine the maximum number of users.
- Determine the sustained data rate.
- Perform a pilot test.
- Calculate the number of servers.

9

Placing Remote Access Servers

- Placement goals:
  - Centralize administration
  - Reduce costs
  - Reduce network traffic
- Single or multiple location configuration

10

Single Location Configuration

- The hardware must support the maximum number of users.
- Advantages:
  - Centralized administration
  - Reduced administration costs
- Disadvantages:
  - Increased network traffic on segments
  - Increased telephone charges
  - No redundancy

11

Multiple Location Configuration

- The hardware must support the maximum number of users.
- Advantages:
  - Reduced network traffic between segments
  - Reduced telephone charges
  - Redundancy
- Disadvantages:
  - Decentralized administration
  - Increased administration costs

12

Remote Access Client Support

- Communications ports
- Transport protocols determined by
  - Operating system
  - Applications
  - Network management tools
  - Resource servers accessed by client
- Network address assignment
  - Manually allocate
  - Automatically assign using Dynamic Host Configuration Protocol (DHCP)

13

Preventing Unauthorized Access

- Restrict access to resources on the server.
- Restrict traffic on the server by using filters.
  - Resources or servers
  - Network segments
  - Traffic types (for example, HTTP)
- Place servers on screened subnets.

14

Preventing Unauthorized Access (Cont.)

15

Protecting Remote Access Data

- Authenticate remote users.
  - Local accounts
  - Active Directory directory service accounts
- Encrypt confidential data.
  - Microsoft Point-to-Point Encryption (MPPE)
  - Internet Protocol Security (IPSec)
- Enforce remote access policies.
  - Conditions
  - Remote access permissions
  - Profiles

16

Enhancing Remote Access Availability

- Include multiple dial-up remote access servers.
- Use backup phone numbers.
- Dedicate a computer to Routing and Remote Access.

17

Improving Remote Access Performance

- Upgrade server hardware.
  - Intelligent communications adapters
  - Faster modems
  - Server processor and memory
- Distribute clients across multiple servers.
- Dedicate a computer to Routing and Remote Access.

18

Chapter Summary

- Dial-up provides control over remote access but is more expensive.
- Services include remote access client and server.

19

Chapter Summary (Cont.)

- Your design should
  - Determine maximum number of users and data rate
  - Use multiple servers
  - Evaluate client needs
  - Protect the private network
  - Improve availability and performance