Transcript Windows Network Policy Server Fundamentals Ranjana

Windows Network Policy
Server Fundamentals
Ranjana Jain
MCSE, MCT, RHCE, CISSP, CIW
Security Analyst
IT Pro Evangelist
Microsoft India
http://ranjanajain.spaces.live.com
What Will We Cover?
• Network Policy Server Architecture and
Functionality
• Deploying and configuring Network
Access Protection (NAP)
• Monitoring NPS for High Availability
Helpful Experience
• Understanding of network access
• Familiarity with DHCP
• Familiarity with RADIUS
Level 300
Agenda
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
The Core IO Model
Identity and Access Management
Desktop, Device, and Server Management
Security and Networking
Data Protection and Recovery
IT Management and Security Process
CROSS-MODEL ENABLERS
•Identity
• Presence
•Rights Management
•Network Access
What is Network Policy Server?
NPS Authentication Process
User requests
access to port
Forwards credentials
and connection details
Evaluates
connection
and forwards
credentials for
authentication
Network device asks
user for credentials
Device allows access
If policy matches, and
user is authentic,
access allowed
Demonstration Environment
Internal Network
192.168.16.0/20
SEA-DC-01.contoso.com
Windows Server Longhorn
Domain Controller, NPS, DHCP
192.168.16.2/20
SEA-WRK-001.contoso.com
Windows Vista
IP Address by means of DHCP
Demo
demonstration
Reviewing Network Policies



Tour the NPS Console
Configure NAP Server Settings
Configure NAP Policies and Elements
Agenda
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
How NAP Works
Active
Directory
Windows
Client
Network
Access
Requests
Health
Statements
NPS
SHA
QA
EC
Not Compliant
Remediation
Servers
Restricted Network
SHV
Network
Access
Devices
QS
Corporate Network
Demo
demonstration
Configuring NAP for DHCP



Enable and Configure Client Settings
Configure DHCP Server
Test Client Access
Agenda
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
Deployment Best Practices
• Install NPS on the Domain Controller
• Use RADIUS to distribute requests
• Specify RADIUS client IP addresses
• Specify permission by RAP
• Log wisely
Debug Tracing Logs
RADIUS Server and Proxy
Authentication, Mapping, Validation
Policy and Quarantine Evaluation
File and Database Logging
Network Monitor
Corporate Network
Demo
demonstration
Examining Connection Trace Logs


Examine Event Logs
Examine Connection Logs
Agenda
• Introducing Network Policy Server
• Deploying and Configuring NAP
• Best Practices and Troubleshooting
• Configuring Load Balancing
NPS as a RADIUS Proxy
NPS RADIUS
Proxy Server
NPS Load Balancing
Demo
demonstration
Configuring Load Balancing


Export Settings and Create Clone
Configuration
Set Up NPS as a RADIUS Proxy
Windows Server 2008 + Windows
Vista
More Efficient Management
Single worldwide servicing model
Event forwarding between client and server
Faster and more reliable remote operating system deployments
Network Access Protection ensures health of connecting systems
Greater Availability
Scalable print servers with client-side rendering
Transparent offline experience with client-side caching
Transactional File System for file and registry operations
Policy-based Quality of Service to prioritize application bandwidth
Faster Communications
Fast enterprise class search on clients and servers
Faster networking with new TCP/IP stack and native IPv6
Improved file-sharing performance over high-latency links
Integrated remote access to internal applications and resources

Session Summary
• NPS and NAP can be used to protect networks
• Policy rules may be extremely fine-grained
• NPS is a very flexible server application
For More Information
Visit TechNet at:
www.microsoft.com/technet
www.microsoft.com/nap
Where Else Can I Get Help?
• Live Events and Online webcast Series
• My Blog: http://ranjanajain.spaces.live.com
• Chats, Newsgroups, Forums and Virtual Labs
• Local Locator for Professional User Groups
groups.msn.com/itdelhiug
THANK YOU