Download Chapter 21 PowerPoint Presentation

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
Document related concepts

Distributed firewall wikipedia , lookup

Point-to-Point Protocol over Ethernet wikipedia , lookup

TV Everywhere wikipedia , lookup

Computer network wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Deep packet inspection wikipedia , lookup

AppleTalk wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Lag wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Server Message Block wikipedia , lookup

Internet protocol suite wikipedia , lookup

Wireless security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Remote Desktop Services wikipedia , lookup

Extensible Authentication Protocol wikipedia , lookup

Authentication wikipedia , lookup

Transcript 
Microsoft Windows NT 4.0
Authentication Protocols
• Password Authentication Protocol (PAP)
• Challenge Handshake Authentication Protocol (CHAP)
• Microsoft Challenge Handshake Authentication Protocol
(MS-CHAP)
• Shiva Password Authentication Protocol (SPAP)
• Point-to-Point Tunneling Protocol (PPTP)
1
Microsoft Windows 2000
Authentication Protocols
•
•
•
•
•
•
Support the Windows NT 4.0 authentication protocols
Extensible Authentication Protocol (EAP)
Remote Authentication Dial-In User Service (RADIUS)
Internet Protocol Security (IPSec)
Layer Two Tunneling Protocol (L2TP)
Bandwidth Allocation Protocol (BAP)
2
Extensible Authentication
Protocol (EAP)
• Is an extension to the Point-to-Point protocol (PPP)
• Works with dial-up, PPTP, and L2TP clients
• Allows arbitrary authentication mechanisms to validate a
dial-in connection
• Supports authentication by using generic token cards,
MD5-CHAP, and TLS
• Allows vendors to supply new client and server
authentication modules
3
Remote Authentication DialIn User Service (RADIUS)
• RADIUS provides
• Remote user authentication that is vendorindependent.
• Scaleable authentication designs for performance.
• Fault-tolerant designs for reliability.
• Windows 2000 can act as a RADIUS client or server.
4
Windows 2000 Can Act as a
RADIUS Client
• A RADIUS client
• Is typically an ISP dial-up server
• Receives authentication requests
• Forwards the requests to a RADIUS server
• A Windows 2000 RADIUS client
• Can also forward accounting information
• Is configured on the remote access server’s
Securities tab
5
Windows 2000 Can Act as a
RADIUS Server
• A RADIUS server validates the RADIUS client request.
• Windows 2000 uses Internet Authentication Services (IAS)
to perform authentication.
• IAS stores accounting information from RADIUS clients in
log files.
• IAS is one of the optional components you can add.
6
Internet Protocol Security
(IPSec)
• Consists of a set of security protocols and cryptographic
protection services
• Ensures secure private communications over IP networks
• Provides aggressive protection against private network
and Internet attacks
• Negotiates a security association (SA) with clients that
acts as a private key to encrypt the data flow
7
Layer Two Tunneling
Protocol
•
•
•
•
Similar to PPTP
Creates an encrypted tunnel
Does not provide encryption
Works with encryption technologies such as IPSec
8
Differences Between L2TP
and PPTP
•
•
•
•
L2TP does not require an IP-based transit network.
L2TP supports header compression.
L2TP supports tunnel authentication.
L2TP uses IPSec for encryption and PPTP uses PPP
encryption.
9
Bandwidth Allocation
Protocol (BAP) and
Bandwidth Allocation
Control Protocol (BACP)
• Dynamically add or drop links on demand
• Are PPP control protocols
• Provide bandwidth on demand
10
Allowing Inbound Dial-Up
Connections
11
Configuring Devices for
Incoming Connections
12
Allowing Virtual Private
Connections
• Click Next on the Devices For Incoming Connections page.
• Select either to allow or not allow virtual private
connections on the Incoming Virtual Private Connection
page.
13
Specifying Users and
Callback Options
14
Selecting Networking
Components
• Choose the networking components to enable for
incoming calls.
• Install additional networking components.
15
Dial-Up Connections
16
Connections to a Virtual
Private Network (VPN)
• Create a VPN by using tunneling protocols such as PPTP
or L2TP.
• Create secure connections across an untrusted network.
• Select Connect To A Private Network Through The
Internet.
• Decide if you want to select Automatically Dial This Initial
Connection.
• Enter the host name or IP address to which you are
connecting.
• Specify who can use the connection.
17
Direct Connection to Another
Computer Through a Cable
• Select Connect Directly To Another Computer.
• Select whether your computer will be the host or the
guest for the connection.
• Select the port that is connected to the other computer.
• Specify the users who can use this connection.
• Decide if you want a shortcut icon on your desktop.
18
Related documents
Remote Access - York Technical College
Remote Access - York Technical College
What is a VPN
What is a VPN
Security+ Guide to Network Security Fundamentals
Security+ Guide to Network Security Fundamentals
Panel: Security and the World Wide Web
Panel: Security and the World Wide Web
“Stronger” Web Authentication: A Security Review
“Stronger” Web Authentication: A Security Review
Slide 1
Slide 1
Network Device Security Options
Network Device Security Options
William Stallings, Cryptography and Network Security 3/e
William Stallings, Cryptography and Network Security 3/e
Computer Security
Computer Security
WinRadius` User Guide
WinRadius` User Guide
Securing network communications
Securing network communications
Web Security
Web Security