Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Microsoft
Download Center 
Search Advanced Search

Active Directory in Networks Segmented by Firewalls

Brief Description
Provides best practices for deploying Microsoft® Active Directory® service domain controllers in segmented networks, procedures for configuring IPSec policies to protect traffic between domain controllers on opposite sides of a firewall, and recommended practices for managing these policies.

On This Page

Quick Details
File Name:ADSegment_IPSec_W2K.doc
Version:1.0
Date Published:10/21/2004
Language:English
Download Size:5.3 MB
Estimated Download Time: 13 min 56K

Overview

Microsoft® Active Directory® service domain controllers are increasingly being deployed on networks segmented by firewalls. Three common scenarios are: (1) domain controllers separated from clients in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet), (2) domain controllers in a perimeter network separated from other domain controllers on the network, and (3) networks divided into segments, each containing clients and domain controllers. This white paper describes best practices for deploying domain controllers in segmented networks in a manner that supports client authentication, secure resource access by clients, and replication traffic between domain controllers on opposite sides of a firewall. This paper also provides detailed procedures for configuring IPSec policies to protect Active Directory traffic between domain controllers on opposite sides of a firewall and recommended practices for managing IPSec policies that are assigned to domain controllers.

 Top of page

System Requirements

  • Supported Operating Systems: Windows 2000 Server; Windows Server 2003
  • Microsoft Word

 Top of page

Instructions

  1. Click the Download link to start the download.
  2. Do one of the following:
    • To start the installation immediately, click Open or Run this program from its current location.
    • To copy the download to your computer for installation at a later time, click Save or Save this program to disk.

 Top of page

 Top of page

© 2009 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy Statement