Session 11 Tp 11


Page 1: Session 11 Tp 11

Microsoft Windows Server 2003 Network Infrastructure – Planning and Maintenance/ Session 11 / Slide 1 of 19

Session 11

Designing a Security Infrastructure

Page 2: Session 11 Tp 11

Review

Public Key Infrastructure uses Authentication and Encryption

Keys refer to a string and its corresponding algorithm

Public Key authentication uses a public key to verify the authenticity of the sender

Digital certificates map the public key to other information about the owner of the key

Page 3: Session 11 Tp 11

Review Contd…

Digital certificates are issued by a Certificate Authority

PKI components use the SSL and IPSec protocols

The CA has two root classes: enterprise and stand-alone

We can request certificates using the Certificate Request wizard or through the Certificate Services webpage

Page 4: Session 11 Tp 11

Objectives

Understand the types of software updates

Update a Network

Secure a Wireless Network

Administer a Network remotely

Page 5: Session 11 Tp 11

Types of software updates

Proper maintenance can help a network deliver trouble-free performance

For this, it is necessary to update the computers with the latest enhancements and fixes for the software

Updates for Microsoft products come mainly in the form of service packs

Other updates include bug fixes and new drivers

Page 6: Session 11 Tp 11

Updating a Network

The network administrator must carry out updating on a timely basis

While updating, the administrator must consider the following:

Keep track of when the updates are released, and what each update does

Computers that need updating must be identified

It is recommended to test the downloaded updates before installation

The process of updating computers in a large network must be automated

Page 7: Session 11 Tp 11

Baseline Security Analyzer

Graphical tool which scans Windows-based computers for missing security patches or incorrect security settings

It is not a part of Windows Server 2003, but can be downloaded from the Microsoft website

Page 8: Session 11 Tp 11

Software Update Services

Software Update Services (SUS) is a graphical tool that automates the deployment of updates on the network

SUS consists of: Synchronization server, Intranet Windows Update server, Automatic updates

Page 9: Session 11 Tp 11

Wireless Network Standards

Wireless networks, or WLANs, enable connecting previously inaccessible areas

There are three standards developed by IEEE: 802.11b, 802.11a, 802.11g

Page 10: Session 11 Tp 11

Wireless Topologies

Topology refers to the way computers are connected using cables

Two types of topologies are:

Ad hoc topology: Connects two or more wireless devices to form an ad hoc network among themselves

Infrastructure topology: Enables interconnectivity between a traditional cabled LAN and its wireless counterpart

Page 11: Session 11 Tp 11

Threats to Wireless Networks

There are two main threats for a wireless network:

Unauthorized access: Equivalent of a telephone line that has been tapped into. All the transmissions between the computers on the network may become accessible to the unauthorized user.

Data Interception: Equivalent of stealing from a bank vault. Using suitable tools, a person may be able to capture data packets transmitted between the wireless devices and the access point.

Page 12: Session 11 Tp 11

Securing Wireless Networks

Group policies can be used to restrict user access to the network

The main ways to secure a wireless network are: Authentication, Encryption

Page 13: Session 11 Tp 11

Authentication

User authentication can help prevent unauthorized access to the network

There are three systems used for authentication: Open System Authentication, Shared Key Authentication, IEEE 802.1x Authentication

Page 14: Session 11 Tp 11

Using Encryption

Encryption protects data packets from being read by unauthorized persons

Does not stop data packets from being intercepted

Page 15: Session 11 Tp 11

Administering the Network

Most Microsoft Management Console (MMC) snap-ins enable administrators to work on remote computers from their own computers

Tools to administer a network remotely include: Remote Assistance, Remote Desktop

Page 16: Session 11 Tp 11

Remote Assistance

Provides help from a remote location

Enables the expert to control the computer of the user

Security features include: Invitations, Interactive connectivity, User Control, Limited permissions, Firewalls

Page 17: Session 11 Tp 11

Remote Desktop

Gives complete control over the remote computer

Can take place over an unmanned computer

Creates a separate session

Client needed to use Remote Desktop is included along with Windows Server 2003

Page 18: Session 11 Tp 11

Summary

Service packs combine multiple fixes into one package

Hot fixes address only a certain issue

Baseline Security Analyzer lists the updates required by the system

Software Update Services installs new updates automatically over a network

There are three wireless networking standards: 802.11b, 802.11a and 802.11g

Topology is the way computers are connected to each other

Page 19: Session 11 Tp 11

Summary Contd…

Ad hoc topology can be formed when two wireless devices come within each other's range

Infrastructure topology enables linking wireless and wired networks

There are three ways of authentication: Open system, Shared key, IEEE 802.1x

Networks can be administered remotely using Remote Assistance and Remote Desktop