Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 98 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
98
Dung lượng
2,52 MB
Nội dung
Module 13: Networking Service Designs Contents Overview Evaluating the Existing Configuration Identifying the Essential Design Decisions Providing Security 15 Enhancing the Availability and Performance 19 Lab A: Creating Networking Solutions 28 Review 89 Information in this document is subject to change without notice The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted Complying with all applicable copyright laws is the responsibility of the user No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation If, however, your only means of access is electronic, permission to print one copy is hereby granted Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property 2000 Microsoft Corporation All rights reserved Microsoft, Active Directory, ActiveX, BackOffice, FrontPage, JScript, MS-DOS, NetMeeting, PowerPoint, Visual Basic, Visual C++, Visual Studio, Win32, Windows, Windows Media, Windows NT, are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A and/or other countries/regions Project Lead: Don Thompson (Volt Technical) Instructional Designers: Patrice Lewis (S&T OnSite), Renu Bhatt NIIT (USA) Inc Instructional Design Consultants: Paul Howard, Susan Greenberg Program Managers: Jack Creasey, Doug Steen (Independent Contractor) Technical Contributors: Thomas Lee, Bernie Kilshaw, Joe Davies Graphic Artist: Kirsten Larson (S&T OnSite) Editing Manager: Lynette Skinner Editor: Kristen Heller (Wasser) Copy Editor: Kaarin Dolliver (S&T Consulting) Online Program Manager: Debbi Conger Online Publications Manager: Arlo Emerson (Aditi) Online Support: Eric Brandt (S&T Consulting) Multimedia Development: Kelly Renner (Entex) Test Leads: Sid Benevente, Keith Cotton Test Developer: Greg Stemp (S&T OnSite) Production Support: Lori Walker (S&T Consulting) Manufacturing Manager: Rick Terek (S&T OnSite) Manufacturing Support: Laura King (S&T OnSite) Lead Product Manager, Development Services: Bo Galford Lead Product Manager: Ken Rosen Group Product Manager: Robert Stewart Other product and company names mentioned herein may be the trademarks of their respective owners Module 13: Networking Service Designs iii Instructor Notes Presentation: 75 Minutes Labs: 120 Minutes This module provides students with the information needed to design networking solutions that support applications based on the requirements of an organization Students will use the knowledge of networking services (in terms of features, functions, functionality, security, availability, and performance of the service) to design networking solutions for given scenarios At the end of this module, students will be able to: Identify the characteristics of the scenario that influence the design decisions Describe the essential design decisions required to provide networking services Describe the design decisions for securing the networking services Describe the design decisions for improving the availability and performance of the networking services Upon completion of the design lab, students will be able to design networking solutions that meet the requirements of a variety of given scenarios Course Materials and Preparation This section provides you with the required materials and preparation tasks that are needed to teach this module Required Materials To teach this module, you need the following materials: Microsoft® PowerPoint® file 1562B_13.ppt Preparation Tasks To prepare for this module: Review the contents of this module Read any relevant information in the Windows 2000 Help files, the Windows 2000 Resource Kit, or documents provided on the Instructor CD Review discussion material and be prepared to lead class discussions on the topics Complete the lab and be prepared to elaborate beyond the solutions found there Read the review questions and be prepared to elaborate beyond the answers provided in the text iv Module 13: Networking Service Designs Module Strategy Use the following strategy to present this module: Evaluating the Existing Configuration Tell the students that in this module, they will use their knowledge of Microsoft Windows® 2000 networking services to design networking solutions Point out that they will test their knowledge by working on an organizational scenario In this section: • Explain that students will design networking solutions for an investment firm scenario Tell them that before designing a solution, they must identify the current status of the design project • Explain that the design requirements and limitations must be identified when making design decisions Identifying the Essential Design Decisions Emphasize that while designing a network, it is essential to identify which networking services to include in the network design and where to place the servers to provide essential support for the solution In this section: • Avoid spending too much time explaining the networking services Focus on the selection of the appropriate networking service for a given scenario • Point out that the placement of servers running the networking services is as important as selecting the appropriate service • Emphasize that for each of the networking servers placed within any location, the design options for the service are specified Providing Security If the network is carrying confidential data, then it is the responsibility of the network designer to ensure that the network is secure In this section, brief the students on the potential security risks to networks and how to prevent those risks from occurring Enhancing the Availability and Performance Point out that in a network design, certain networking services are essential for the continued operation of mission-critical applications When these networking services are unavailable or respond slowly, the applications that the services support also experience outages and slow performance In this section: • Emphasize that identifying the networking services that require improved availability and performance is the first step in making the solution available • Explain that depending on the networking service, its availability and performance can be improved by adding servers, subnets, routers, proxy servers, and remote access servers Module 13: Networking Service Designs v Lab Strategy Use the following strategy to present this lab Lab A: Creating Network Solutions In the design lab, students will design a network solution based on specific requirements outlined in the given scenarios Students will review the scenarios and the design requirements and read any supporting materials They will use this information, and the knowledge gained from the module, to develop detailed designs To conduct this lab: Read through the lab carefully, paying close attention to the instructions and to the details of the scenario Consider dividing the class into teams of two or more students Present the lab and make sure students understand the instructions and the purpose of the lab Remind students to consider any functionality, security, availability, and performance criteria provided in the scenario and how they will incorporate strategies to meet these criteria in their design Allow some time to discuss the solutions after the lab is completed A solution is provided in your materials to assist you in reviewing the lab results Encourage students to critique each other’s solutions and to discuss any ideas for improving their designs Module 13: Networking Service Designs Overview Slide Objective To provide an overview of the module topics and objectives Evaluating the Existing Configuration Lead-in Identifying the Essential Design Decisions In this module, you will examine an investment firm scenario and the design that provides a solution to the business requirements of the firm Providing Security Enhancing the Availability and Performance The networking services in Microsoft® Windows® 2000 provide the foundation to solve connectivity and protocol requirements for organizations You can integrate the networking services to be able to design networking solutions that establish a network foundation, provide access to public networks, include connectivity for remote users and locations, and support network-based applications and authentication methods In this module, you will design a networking solution for an investment firm and address the basic functionality, security, availability, and performance features of the solution When combined with Microsoft Proxy Server and Internet Information Services (IIS), the networking services in Windows 2000 can provide complete solutions for the investment firm At the end of this module, you will be able to: Identify the characteristics of the scenario that influence the design decisions Describe the essential design decisions required to provide networking services Describe the design decisions for securing the networking services Describe the design decisions for improving the availability and performance of the networking services Module 13: Networking Service Designs Evaluating the Existing Configuration Slide Objective To describe the information that influences the design Lead-in To design a solution for the investment firm, you must first identify the information that influences the design Current Project Status Design Requirements and Limitations To design a solution for the investment firm, you must identify the information that influences the design Based on that information, you make decisions about which networking services to include, along with which specifications to select for each service To identify the information that influences the design, you must: Examine the current project status Examine the design requirements and limitations Module 13: Networking Service Designs Current Project Status Slide Objective To describe the current status of the investment firm Lead-in To design a solution for the investment firm, you must first identify the current status of the design project New York Router 175 Hosts Router 3 Hosts 250 Hosts Router 100 Hosts 200 Hosts Router Tokyo Router 150 Hosts London 75 Hosts Delivery Tip Ask the students to study the slide and to list the important points to be considered for designing a solution Many investment firms are increasing their presence on the Internet because of electronic trading and online investments These firms also connect branch offices by using public networks such as the Internet In addition, many of the brokers and agents within investment firms require remote access to their confidential client information A well-established investment firm is expanding operations to include a larger online presence, and to provide remote access to broker and client information The existing connectivity between the New York, Tokyo, and London locations is provided by: Dedicated routers at each location 56 kilobits per second (Kbps) dedicated lease-lines between locations The following table lists the project milestones completed to date, and the reason these milestones were completed Activity So that the Upgrading the physical network Private network can support additional traffic generated by the broker and trading applications Replacing Routers and with higher-performance routers Routers can support the additional traffic generated by the broker and trading applications Upgrading Internet connections to T1 connections Internet connections can support the traffic between the locations Testing for the approved computer hardware architecture Compatibility and performance of the approved computer hardware architecture is confirmed Recording performance statistics for the approved computer hardware architecture Number of computers required to support the networking services can be determined Module 13: Networking Service Designs Design Requirements and Limitations Slide Objective To describe the requirements and limitations of the investment firm that influence the design decisions New York Router 175 Hosts Lead-in To design a solution for the investment firm, you must first identify the design requirements and limitations Router 3 Hosts 250 Hosts Router 100 Hosts Router 200 Hosts Tokyo Router 150 Hosts London 75 Hosts An investigation of the current network, user traffic patterns, and future network requirements reveals the following additional information that you consider when making your design decisions Applications The investment firm uses a number of applications to conduct the day-to-day operations To create a solution for the investment firm, your design must provide: Support for a mission-critical Web-based application that manages investment firm customers and their stock portfolios Support for a mission-critical Web-based application that allows customers to check their stock portfolios and to perform investment trading over the Internet Private network access to all shared folders and Web-based applications from the New York, Tokyo, and London offices Performance response times to allow a stock trade transaction to occur within three seconds Administration of private network resources by using a directory services infrastructure Authentication of users by using a directory services infrastructure Support for all mission-critical applications to be available 24-hours-a-day, 7-days-a-week 78 Module 13: Networking Service Designs Scenario D Aerospace Consortium Solution A group of international aerospace companies have formed a consortium to work on a satellite launch vehicle The management of the consortium is a board of directors consisting of employees from each of the companies and is located in Bonn The members of the consortium have research and development facilities in London, San Jose, Madrid, Moscow, and Paris The research facilities are where the launch vehicle development occurs Each member of the consortium has appointed a team of engineers who are assigned to the development of the launch vehicle The engineers travel between research facilities as the project progresses and may be in a facility for three to six months at a time Module 13: Networking Service Designs This is the high-level diagram of the launch vehicle consortium network Additional detail for the consortium headquarters and research facilities is shown in subsequent diagrams 79 80 Module 13: Networking Service Designs This is the existing network at the consortium headquarters in Bonn Module 13: Networking Service Designs This is the existing network at all of the research and development facilities All research facilities have the same network configuration 81 82 Module 13: Networking Service Designs Design Limitations and Requirements By examining existing documentation, and conducting interviews with the consortium personnel, you have established the design requirements that must be achieved Make sure your solution meets or exceeds these requirements Applications The launch vehicle consortium uses a number of applications to conduct the day-to-day operations To create a solution for the consortium, your design must provide: Support for a mission-critical Web-based application that provides project status and reporting for engineers working for the consortium Private network access to all shared folders and Web-based applications at the consortium headquarters and research facilities Internet access from the research facilities Active Directory as the directory service for the consortium headquarters and the consortium-shared network at each research facility Support for all mission-critical applications to be available 24-hours-a-day, 7-days-a-week Connectivity The applications used by the consortium require connectivity between the consortium headquarters and the research facilities To create a solution for the consortium, your design must provide: Support for the research facilities to connect to the consortium headquarters by using dedicated connections over the Internet Support for the consortium engineers to connect to their respective companies by using dedicated connections over the Internet from the consortium headquarters Support for the consortium engineers to connect to their respective companies by using dedicated connections over the Internet from any of the research facilities Isolation of the consortium-shared network and the consortium member’s private network within each research facility Isolation of the consortium headquarters and the research facilities from the Internet Encryption of all data transmitted over the Internet Consortium Headquarters – Answers Server name Server placement RRARTR01 Between Subnets B and E Service configuration options Networking services to include DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 PRXYSRV01 Between Subnets B and E DHCP Replace Router with RRARTR01 Establish a VPN tunnel with routers in the research facilities Encrypt data by using MPPE 128-bit encryption Authenticate the tunnel by using MSCHAP v2 Establish static routes for the other offices Routing and Remote Access DNS NAT Enable access for all users within the consortium headquarters WINS Routing Enable active caching IAS Remote Access Filter HTTP and FTP traffic on RRARTR01 NAT WINS Routing Enable active caching IAS PRXYSRV02 Between Subnets B and E Remote Access Filter HTTP and FTP traffic on RRARTR01 DHCP Routing and Remote Access Proxy Server 2.0 VPNSRV01 Between Subnets B and D DHCP Routing and Remote Access Specify that PRXYSRV02 belongs to the proxy array named PRXYARRAY01 Specify VPN ports that support PPTP tunnels DNS NAT WINS Routing Authenticate remote users by using MS-CHAP and MS-CHAP v2 IAS Remote Access Encrypt data by using MPPE 128-bit encryption Proxy Server 2.0 VPNSRV02 Between Subnets B and D DHCP Routing and Remote Access Specify that VPNSRV01 belongs to a Network Load Balancing cluster named NLBCLUSTER01 Specify VPN ports that support PPTP tunnels DNS NAT WINS Routing Authenticate remote users by using MS-CHAP and MS-CHAP v2 IAS Remote Access Module 13: Networking Service Designs DNS Specify that PRXYSRV01 belongs to the proxy array named PRXYARRAY01 Enable access for all users within the consortium headquarters Proxy Server 2.0 Encrypt data by using MPPE 128-bit encryption Specify that VPNSRV02 belongs to a Network Load Balancing cluster named NLBCLUSTER01 83 Proxy Server 2.0 84 Consortium Headquarters – Answers (Continued) Server placement CLSTRND01 On Subnet B Networking services to include DHCP Service configuration options Routing and Remote Access Specify a DHCP scope for Subnets A, B, and C DNS NAT Specify a single Active Directory integrated zone WINS Routing IAS Remote Access Specify that CLSTRND01 belongs to a server cluster named SVRCLSTR01 Proxy Server 2.0 CLSTRND02 On Subnet B DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 Specify that CLSTRND01 is a secondary node for a WINS service running on CLSTRND02 Specify a single Active Directory integrated zone Specify that CLSTRND02 belongs to a server cluster named SVRCLSTR01 Specify that CLSTRND02 is a secondary node for a DHCP service running on CLSTRND01 Module 13: Networking Service Designs Server name Research Facility Member Private Network – Answers Server name Server placement RRARTR02 Between Subnet G and the inner firewall Networking services to include DHCP Service configuration options Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Establish static routes for the other offices Proxy Server 2.0 PRXYSRV03 Between Subnet G and the inner firewall DHCP Establish a VPN tunnel with routers in the consortium headquarters and other research facilities Encrypt data by using MPPE 128-bit encryption Authenticate the tunnel by using MSCHAP v2 Routing and Remote Access DNS NAT Enable access for all users within the consortium member private network WINS Routing Enable active caching IAS Remote Access Filter HTTP and FTP traffic on RRARTR02 NAT WINS Routing Enable active caching IAS PRXYSRV04 Between Subnet G and the inner firewall Remote Access Filter HTTP and FTP traffic on RRARTR02 DHCP Routing and Remote Access Proxy Server 2.0 RADSRV01 On Subnet G DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 RADSRV02 On Subnet G DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Specify RADSRV01 as the secondary RADIUS accounting server Include RADIUS clients from all consortium shared networks Specify RADSRV02 as the primary RADIUS accounting server Specify RADSRV02 as the secondary RADIUS authentication server Include RADIUS clients from all consortium shared networks 85 Proxy Server 2.0 Specify that PRXYSRV04 belongs to the proxy array named PRXYARRAY02 Specify RADSRV01 as the primary RADIUS authentication server Module 13: Networking Service Designs DNS Specify that PRXYSRV03 belongs to the proxy array named PRXYARRAY02 Enable access for all users within the consortium headquarters Proxy Server 2.0 86 Research Facility Member Private Network – Answers (Continued) Server placement CLSTRND03 On Subnet G Networking services to include DHCP Service configuration options Routing and Remote Access Specify a DHCP scope for Subnets F, G, and H DNS NAT Specify a single Active Directory integrated zone WINS Routing IAS Remote Access Specify that CLSTRND03 belongs to a server cluster named SVRCLSTR02 Proxy Server 2.0 CLSTRND04 On Subnet G DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 Specify that CLSTRND03 is a secondary node for a WINS service running on CLSTRND04 Specify a single Active Directory integrated zone Specify that CLSTRND04 belongs to a server cluster named SVRCLSTR02 Specify that CLSTRND04 is a secondary node for a DHCP service running on CLSTRND03 Module 13: Networking Service Designs Server name Research Facility Consortium Shared Network – Answers Server name Server placement RRARTR03 Between Subnets I and J Networking services to include DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Service configuration options Replace Router with RRARTR03 Establish a VPN tunnel with routers in the consortium headquarters and other research facilities Encrypt data by using MPPE 128-bit encryption Authenticate the tunnel by using MS-CHAP v2 DNS NAT Establish static routes for the other offices Enable access for all users within the consortium member private network WINS Routing Enable active caching IAS PRXYSRV05 Between Subnets I and J Remote Access Filter HTTP and FTP traffic on RRARTR02 DHCP Routing and Remote Access Specify that PRXYSRV03 belongs to the proxy array named PRXYARRAY02 Proxy Server 2.0 PRXYSRV06 Between Subnets I and J DHCP Routing and Remote Access Enable access for all users within the consortium headquarters Enable active caching Routing Filter HTTP and FTP traffic on RRARTR02 IAS Remote Access Specify that PRXYSRV04 belongs to the proxy array named PRXYARRAY02 Proxy Server 2.0 DHCP Routing and Remote Access Specify VPN ports that support PPTP tunnels DNS Authenticate remote users by using MS-CHAP and MS-CHAP v2 WINS Routing Encrypt data by using MPPE 128-bit encryption IAS RADCLI02 On Subnet I NAT Remote Access (RADIUS) Specify that RADCLI01 is a RADIUS client that belongs to a Network Load Balancing cluster named NLBCLUSTER02 Proxy Server 2.0 DHCP Routing and Remote Access Specify VPN ports that support PPTP tunnels DNS NAT Authenticate remote users by using MS-CHAP and MS-CHAP v2 WINS Routing Encrypt data by using MPPE 128-bit encryption IAS Remote Access (RADIUS) Specify that RADCLI02 is a RADIUS client that belongs to a Network Load Balancing cluster named NLBCLUSTER02 Proxy Server 2.0 Module 13: Networking Service Designs NAT WINS RADCLI01 On Subnet I DNS 87 88 Research Facility Consortium Shared Network – Answers (Continued) Server placement CLSTRND05 On Subnet I Networking services to include DHCP Service configuration options Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 CLSTRND06 On Subnet I DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 DHCP Routing and Remote Access DNS NAT WINS Routing IAS Remote Access Proxy Server 2.0 Specify a DHCP scope for subnet I Specify a single Active Directory integrated zone from consortium headquarters Specify that CLSTRND05 belongs to a server cluster named SVRCLSTR03 Specify that CLSTRND05 is a secondary node for a WINS service running on CLSTRND06 Specify a single Active Directory integrated zone from consortium headquarters Specify that CLSTRND06 belongs to a server cluster named SVRCLSTR03 Specify that CLSTRND06 is a secondary node for a DHCP service running on CLSTRND05 Module 13: Networking Service Designs Server name Module 13: Networking Service Designs 89 Review Slide Objective To reinforce module objectives by reviewing key points Evaluating the Existing Configuration Lead-in Identifying the Essential Design Decisions The review questions cover some of the key concepts taught in the module Providing Security Enhancing the Availability and Performance An insurance company has four regional offices and approximately 8,700 agent offices around the globe The company wants to create an Internet Web site where customers and agents can file claims and check claim status In addition, the agents need to be able to create new contacts and review sales information The company has approached you to create the networking services foundation upon which to base these applications Which networking services would you propose the company include in its design and why would you include these services in the design? TCP/IP as the protocol DHCP to provide automatic IP configuration for the regional offices and for the agent offices that have multiple computers DNS to provide name resolution for the regional offices and for agent offices that have multiple computers and participate in Active Directory WINS to provide name resolution for the desktop computers that run Windows 95, Windows 98, or Windows NT 4.0 Routing and Remote Access to provide connectivity between the regional offices or connectivity between the regional offices and the larger agent offices Routing and Remote Access to provide remote connectivity between the smaller agent offices and the regional offices Proxy Server for the regional offices to provide network isolation and caching of Web objects Network Address Translation for the larger agent offices to provide network isolation and direct Internet connectivity 90 Module 13: Networking Service Designs An organization has three geographic locations that are currently connected by using 56 Kbps leased lines and dedicated routers The organization is considering options for connecting the locations over the Internet Which networking services would you recommend to the organization for connecting these locations over the Internet, and why would you recommend these networking services as the solution? You would recommend Routing and Remote Access–based routers if the organization wants to only connect the locations, but does not require direct Internet access from the locations You would recommend Routing and Remote Access–based routers and Proxy Server if the organization wants Internet access in addition to connecting the locations An organization has a single location with approximately 300 desktop computers at the location The organization wants to provide an Internet Web site and Internet access for the 300 computers In addition, the organization has approximately 600 remote users that will connect to the private network within the single location by using a variety of operating systems All of the computers are Windows 2000–based computers Which networking services would you recommend to the organization and why would you recommend these networking services as the solution? You would recommend: DHCP to provide automatic IP configuration for the 300 desktop computers and the 600 remote users DNS to provide name resolution within the private network WINS to provide name resolution for the client computers that run Windows 95, Windows 98, Windows NT 4.0 Routing and Remote Access to provide VPN remote access to the 600 remote users Proxy Server to provide private network isolation and Internet access Module 13: Networking Service Designs 91 An organization has five buildings within a geographically close proximity The local telephone company provides dedicated T3 leased-line connections between the buildings The organization has a mixture of operating systems and consists of approximately 2,500 desktop computers evenly distributed across the five buildings The organization is concerned about the risk of transmitting confidential data over the T3 leased lines because they cannot control physical access to the T3 leased lines Which networking services could you recommend to solve the security problems and why would you recommend these networking services as the solution? Recommend Routing and Remote Access–based routers in each of the five buildings to connect the private network within the building to the T3 leased lines Encrypt the data between the buildings by using VPN tunnels and authenticate the routers by using MS-CHAP v2 An organization has locations in Chicago, Brussels, Taipei, Auckland, and Bonn Across all of the locations, the organization has approximately 1,500 remote access users Currently, the organization provides remote access servers at each location that provides connectivity to the organization’s private network The organization is considering the outsourcing of the dialup remote access connectivity to an Internet service provider (ISP) Which networking services could you recommend to solve the remote access problems of the organization, and why would you recommend these networking services in the solution? You would recommend Routing and Remote Access VPN servers within the organization Remote access users could connect to the organization’s private network by dialing the local ISP number, and then establishing a VPN connection to the organization’s private network However, this solution requires the remote access users log on twice, once to the ISP and once to establish the VPN connection Alternatively, you might recommend RADIUS to the organization The ISP would provide RADIUS clients to provide connectivity for the remote access users The organization would provide computers running the Internet Authentication Service (IAS) to provide RADIUS server authentication by using the organization’s account database Remote access users authenticate by using the organization’s account database and are required to remember only one user account and password THIS PAGE INTENTIONALLY LEFT BLANK ... service on CLSTRND05 Module 13: Networking Service Designs DNS Remote Access 41 Proxy Server 2.0 42 Module 13: Networking Service Designs Exercise Designing a Networking Services Solution In... in subsequent diagrams Module 13: Networking Service Designs This is the existing network at the central office of the insurance firm 31 32 Module 13: Networking Service Designs This is the existing... client computers at the Tokyo location 11 12 Module 13: Networking Service Designs Specifying Networking Services Design Options For each of the networking services servers that you place within the