Date post: | 15-Jan-2016 |
Category: |
Documents |
Upload: | silvia-henderson |
View: | 212 times |
Download: | 0 times |
Guide to MCSE 70-270, Second Edition, Enhanced 1
Objectives
• Understand remote access under Windows XP• Configure various remote access connection types
for a Windows XP Professional system• Install remote access hardware• Understand remote access security• Understand the Internet Options applet
Guide to MCSE 70-270, Second Edition, Enhanced 2
Objectives
• Implement Internet Connection Sharing and the Internet Connection Firewall
• Understand the native Internet tools and utilities• Troubleshoot remote access problems
Guide to MCSE 70-270, Second Edition, Enhanced 3
Remote Access
• Components:• Clients
• Protocols
• WAN connectivity
• Security
• Server
• LAN protocols
Guide to MCSE 70-270, Second Edition, Enhanced 4
Features Of Remote Access in Windows XP
• Standard component• No manual service installation required
Guide to MCSE 70-270, Second Edition, Enhanced 5
PPP Multilink
• Increase overall throughput • Combine bandwidth of two or more physical
communication links• Based on Internet Engineering Task Force (IETF)
standard RFC 1717
Guide to MCSE 70-270, Second Edition, Enhanced 6
VPN Protocols
• Point-to-Point Tunneling Protocol (PPTP)• Supports multiprotocol VPNs
• Encrypted and secure
• Layer Two Tunneling Protocol (L2TP)• Developed by Cisco Systems
• Encapsulates PPP frames for transport over various networks
• Used in combination with IPSec
Guide to MCSE 70-270, Second Edition, Enhanced 7
Restartable File Copy
• Automatically retransmits incomplete file transfers• Faster transmission of large files over lower-
quality connections• Reduced cost from avoiding retransmission of the
whole file• Reduced frustration from interrupted transfers
Guide to MCSE 70-270, Second Edition, Enhanced 8
Idle Disconnect
• Shuts off remote access connection after specified period of inactivity
• Reduces the costs of remote access• Frees up inactive remote access ports
Guide to MCSE 70-270, Second Edition, Enhanced 9
Autodial and Logon Dial
• Automatically connect and retrieve files and applications stored on remote system
Guide to MCSE 70-270, Second Edition, Enhanced 10
Client and Server Enhancements
• Number of client and server components • Allow third-party vendors to develop remote
access and dial-up networking applications
Guide to MCSE 70-270, Second Edition, Enhanced 11
Look and Feel
• Undergone changes since Windows 2000• Significantly different from similar utilities in
Windows NT and Windows 95/98• Integrated with networking components• Network Connections:
• Multipurpose management interface
• Both standard LAN networking links and remote access links are established and configured
Guide to MCSE 70-270, Second Edition, Enhanced 12
Callback Security
• Control access to the system from specified phone numbers
• Calls may originate only from known phone number locations
• Remote access client can set the phone number dynamically
Guide to MCSE 70-270, Second Edition, Enhanced 13
WAN Connectivity
• Create WAN by connecting existing LANs • Remote access over:
• Telephone
• ISDN
• Cable modems
• Campus networks
• Other communication lines
• Cost-effective solution if you have minimal to moderate network traffic between sites
Guide to MCSE 70-270, Second Edition, Enhanced 14
Internet Network Access Protocols
• Supports all standard protocols for remote Internet access
• Remote access protocol dependent on the client and server OS and LAN protocols
Guide to MCSE 70-270, Second Edition, Enhanced 15
PPP
• Current standard for remote access• Microsoft recommends using PPP• Flexible • Industry standard
Guide to MCSE 70-270, Second Edition, Enhanced 16
PPTP
• Allows you to establish a secure remote access pipeline over the Internet
• “Tunnel” IPX or TCP/IP traffic inside PPP packets
• Significant features:• Low transmission costs
• Hardware costs
• Administrative overhead
• Improved security
Guide to MCSE 70-270, Second Edition, Enhanced 17
PPP-MP
• Combines two or more physical remote access links into one logical bundle with greater bandwidth
• Can combine analog and digital links• All connections to be aggregated must be of the
same technology type
Guide to MCSE 70-270, Second Edition, Enhanced 18
SLIP
• One of the first protocols developed specifically for TCP/IP support over dial-up connections
• Included in Windows XP for backward-compatibility
• Does not support Dynamic Host Configuration Protocol (DHCP)
Guide to MCSE 70-270, Second Edition, Enhanced 19
IPSec
• Security measure added to TCP/IP• Negotiates secure encrypted communications link • Uses public and private encryption key
management• Can be used over RAS/WAN link• Can be used within LAN
Guide to MCSE 70-270, Second Edition, Enhanced 20
Telephony Features
• TAPI• Remote access Telephony API
• Supplies uniform way of accessing:• Fax
• Data
• Voice
• Part of Windows Open System Architecture (WOSA)
Guide to MCSE 70-270, Second Edition, Enhanced 21
Remote Access Configuration
• Integrated default component of Windows XP• Configured and managed from Network
Connections window
Guide to MCSE 70-270, Second Edition, Enhanced 22
Network Connections Window
Guide to MCSE 70-270, Second Edition, Enhanced 23
Installing Remote Access Hardware
• Hardware must be installed before remote connection established
• Windows XP inspects hardware and attempts to identify any new devices
• Windows XP attempts to locate and install drivers for new device
Guide to MCSE 70-270, Second Edition, Enhanced 24
Phone and Modem Options
• Primary Control Panel applet for managing remote access devices and operations
• Used to control:• Dialing rules
• Configure remote access devices
• Configure telephony driver properties
Guide to MCSE 70-270, Second Edition, Enhanced 25
Connecting to the Internet
• Connect to the Internet Wizard:• Choose from a list of Internet service providers (ISPs)
• Set up my connection manually
• Use the CD I got from an ISP
Guide to MCSE 70-270, Second Edition, Enhanced 26
Connection Status Dialog Box
Guide to MCSE 70-270, Second Edition, Enhanced 27
Internet Connection Sharing
• Used to share single network connection with small group of networked computers
• Enabled on Advanced tab of connection object’s Properties dialog box
• Incorporates:• Network Address Translation (NAT) function
• Dynamic Host Configuration Protocol (DHCP) address allocator
• Domain Name System (DNS) proxy
Guide to MCSE 70-270, Second Edition, Enhanced 28
Internet Connection Firewall
• Security measure for protecting network connections from unwanted traffic
• Can set restrictions on traffic in and out of network to an external network or the Internet
• Much-needed feature for systems that employ shared broadband connections
• Stateful firewall• Blocks most incoming traffic by default
Guide to MCSE 70-270, Second Edition, Enhanced 29
Connecting to the Network at My Workplace
• Virtual Private Networking (VPN) • Trend in mobile computing
• Employs the Internet as long-distance carrier to enable distant, secure LAN connections
• Windows XP VPN:• Encrypts all traffic
• Setup with New Connection Wizard
Guide to MCSE 70-270, Second Edition, Enhanced 30
Setting Up an Advanced Connection
• Used to:• Establish direct connection between two systems
• Transfer large amount of data with no network connection
• Use serial or parallel cable
• Configure system to answer inbound dial-up calls• Can act as remote access server for single incoming
connection
• Only for special-purpose applications
Guide to MCSE 70-270, Second Edition, Enhanced 31
Alternate IP Configuration
• Available whenever networking connection object uses DHCP
• Preconfigure alternate default IP configuration if DHCP fails
• Prevents APIPA address from being assigned
Guide to MCSE 70-270, Second Edition, Enhanced 32
Remote Access Security
• Built on Windows XP local and network security• Dial-up connection objects
• Authentication and encryption security options
• VPN• Used to secure remote access
Guide to MCSE 70-270, Second Edition, Enhanced 33
Certificates
• Provide proof of identity for network and Internet communications
• Allow systems to trust unknown online parties for the purposes of:• Exchanging information
• Exchanging Data
• Performing e-commerce
• Product of cryptographic mechanism known as public key infrastructure (PKI)
Guide to MCSE 70-270, Second Edition, Enhanced 34
Certificates (continued)
• Certificate Authority (CA):• Responsible for:
• Creating
• Issuing
• Managing
• Revoking certificates
• Can be server computer system within organization’s network or service offered by independent third-party organization
Guide to MCSE 70-270, Second Edition, Enhanced 35
Internet Options Applet
• Used to define settings for Internet Explorer and general Internet access
• Four Web zones:• Internet
• Local intranet
• Trusted sites
• Restricted sites
Guide to MCSE 70-270, Second Edition, Enhanced 36
Internet Options Applet (continued)
• Security restrictions:• Low
• Medium Low
• Medium
• High
Guide to MCSE 70-270, Second Edition, Enhanced 37
Windows XP and the Internet
• Tools to help access the Internet: • Internet Explorer
• Outlook Express
• FTP client,
• Telnet client
• Internet Information Server (IIS)
Guide to MCSE 70-270, Second Edition, Enhanced 38
Internet Explorer
• Version 6.0 is included• State-of-the-art Web browser• Tightly integrated with other Windows
applications• Wide range of security related configuration
options• Can be used as FTP client.
Guide to MCSE 70-270, Second Edition, Enhanced 39
Outlook Express
• Popular e-mail client utility• Part of Microsoft Office• Outlook Express included in Windows XP• Used to read and write e-mail• Used to file and sort messages• Contact management tool
Guide to MCSE 70-270, Second Edition, Enhanced 40
FTP Client
• Command-line implementation of FTP client included in Windows XP
• Numerous freeware and shareware GUI implementations:• More user-friendly
Guide to MCSE 70-270, Second Edition, Enhanced 41
Telnet Client
• Simple tool provided in Windows XP• Attempts to establish Telnet session with remote
system based on domain name or IP address
Guide to MCSE 70-270, Second Edition, Enhanced 42
Internet Information Server
• Reduced functionality version of Internet Information Server (IIS) included with Windows XP
• Allows system to host Web and FTP services• Limited to 10 simultaneous connections• Not designed or intended for public Web/FTP site
hosting
Guide to MCSE 70-270, Second Edition, Enhanced 43
Order Prints Online
• Feature of the My Pictures folder• Starts the Online Print Ordering Wizard• Requires that Internet access be available
Guide to MCSE 70-270, Second Edition, Enhanced 44
Client Vs. Server-based Remote Access
• Limited to a single incoming dial-up connection• Can support only 10 simultaneous network
connections• Can share an Internet link with a workgroup
Guide to MCSE 70-270, Second Edition, Enhanced 45
Remote Access Troubleshooting
• Problems can be fairly elusive• Check:
• Physical connections (phone lines, serial cables, etc.)
• Power to external devices
• Properly installed and updated drivers
• Properly configured settings
• Correct authentication credentials
• Similar encryption or security requirements
• Proper protocol requirements and settings
Guide to MCSE 70-270, Second Edition, Enhanced 46
Remote Access Troubleshooting (continued)
• Log files:• File containing all communications made between the
OS and modem device during connection establishment
• PPP.LOG
• System log
Guide to MCSE 70-270, Second Edition, Enhanced 47
Summary
• Windows XP works with various internetworking and remote access protocols
• Windows XP provides security and encryption features for remote access
• Internet Connection Sharing can be used to share a single ISP link with a small network
• Certificates are used to prove identity and support secured online transactions