View
221
Download
1
Category
Tags:
Preview:
Citation preview
Windows Network Policy Server Fundamentals
Ranjana JainMCSE, MCT, RHCE, CISSP, CIW Security AnalystIT Pro Evangelist Microsoft Indiahttp://ranjanajain.spaces.live.com
• Network Policy Server Architecture and
Functionality
• Deploying and configuring Network
Access Protection (NAP)
• Monitoring NPS for High Availability
What Will We Cover?
Level 300
• Understanding of network access
• Familiarity with DHCP
• Familiarity with RADIUS
Helpful Experience
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
The Core IO Model
CROSS-MODEL ENABLERS• Identity • Presence • Rights Management • Network Access
Desktop, Device, and Server ManagementDesktop, Device, and Server Management
Security and NetworkingSecurity and Networking
Identity and Access ManagementIdentity and Access Management
Data Protection and RecoveryData Protection and Recovery
IT Management and Security ProcessIT Management and Security Process
What is Network Policy Server?
NPS Authentication Process
User requests access to port
Network device asks user for credentials
Forwards credentials and connection details
Evaluates connection and forwards credentials for authentication
If policy matches, and user is authentic, access allowed
Device allows access
Demonstration Environment
Internal Network192.168.16.0/20
SEA-DC-01.contoso.comWindows Server Longhorn
Domain Controller, NPS, DHCP192.168.16.2/20
SEA-WRK-001.contoso.comWindows Vista
IP Address by means of DHCP
Demo
Reviewing Network Policies
Tour the NPS Console Configure NAP Server Settings Configure NAP Policies and Elements
demonstration
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
NetworkAccess
Requests Not Compliant
Policy Compliant
How NAP Works
Corporate Network
Restricted Network
WindowsClient
NetworkAccessDevices
NPS
ActiveDirectory
RemediationServers
HealthStatements
QA
SHA
EC QS
SHV
Demo
Configuring NAP for DHCP
Enable and Configure Client Settings Configure DHCP Server Test Client Access
demonstration
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
Deployment Best Practices
• Install NPS on the Domain Controller
• Use RADIUS to distribute requests
• Specify RADIUS client IP addresses
• Specify permission by RAP
• Log wisely
Debug Tracing Logs
RADIUS Server and Proxy
Authentication, Mapping, Validation
Policy and Quarantine Evaluation
File and Database Logging
Network Monitor
Corporate Network
Demo
Examining Connection Trace Logs
Examine Event Logs Examine Connection Logs
demonstration
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Agenda
NPS as a RADIUS Proxy
NPS RADIUSProxy Server
NPS Load Balancing
Demo
Configuring Load Balancing
Export Settings and Create Clone Configuration
Set Up NPS as a RADIUS Proxy
demonstration
Faster Communications Fast enterprise class search on clients and serversFaster networking with new TCP/IP stack and native IPv6Improved file-sharing performance over high-latency linksIntegrated remote access to internal applications and resources
Windows Server 2008 + Windows Vista
Greater AvailabilityScalable print servers with client-side renderingTransparent offline experience with client-side cachingTransactional File System for file and registry operationsPolicy-based Quality of Service to prioritize application bandwidth
More Efficient ManagementSingle worldwide servicing modelEvent forwarding between client and serverFaster and more reliable remote operating system deploymentsNetwork Access Protection ensures health of connecting systems
• NPS and NAP can be used to protect networks
• Policy rules may be extremely fine-grained
• NPS is a very flexible server application
Session Summary
Visit TechNet at:
www.microsoft.com/technet
www.microsoft.com/nap
For More Information
• Live Events and Online webcast Series
• My Blog: http://ranjanajain.spaces.live.com
• Chats, Newsgroups, Forums and Virtual Labs
• Local Locator for Professional User Groups
Where Else Can I Get Help?
groups.msn.com/itdelhiug
THANK YOU
Recommended