Provides best practices for deploying Microsoft® Active Directory® service domain controllers in segmented networks, procedures for configuring IPSec policies to protect traffic between domain controllers on opposite sides of a firewall, and recommended practices for managing these policies.
-
|
Version:
|
Date Published:
|
|
1.0
|
10/21/2004
|
|
File name:
|
File size:
|
|
ADSegment_IPSec_W2K.doc
|
5.3 MB
|
Microsoft® Active Directory® service domain controllers are increasingly being deployed on networks segmented by firewalls. Three common scenarios are: (1) domain controllers separated from clients in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet), (2) domain controllers in a perimeter network separated from other domain controllers on the network, and (3) networks divided into segments, each containing clients and domain controllers. This white paper describes best practices for deploying domain controllers in segmented networks in a manner that supports client authentication, secure resource access by clients, and replication traffic between domain controllers on opposite sides of a firewall. This paper also provides detailed procedures for configuring IPSec policies to protect Active Directory traffic between domain controllers on opposite sides of a firewall and recommended practices for managing IPSec policies that are assigned to domain controllers.
-
Supported Operating System
Windows 2000 Server, Windows Server 2003
-
- Click the Download link to start the download.
- Do one of the following:
- To start the installation immediately, click Open or Run this program from its current location.
- To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
Popular downloads