| About This Book |
i |
| Intended Audience |
xv |
| Prerequisites |
xvi |
| Reference Materials |
xvi |
| About the CD-ROM |
xvi |
| Features of This Book |
xvi |
| Notes |
xvii |
| Conventions |
xvii |
| Chapter and Appendix Overview |
xviii |
| Finding the Best Starting Point for You |
xx |
| Where to Find Specific Skills in This Book |
xxi |
| Getting Started |
xxiv |
| Hardware Requirements |
xxiv |
| Software Requirements |
xxv |
| Setup Instructions |
xxv |
| The Microsoft Certified Professional Program |
xxxiv |
| Microsoft Certification Benefits |
xxxv |
| Requirements for Becoming a Microsoft Certified Professional |
xxxvi |
| Technical Training for Computer Professionals |
xxxvii |
| Technical Support |
xxxviii |
| Chapter 1 Designing a Windows 2000 Network |
1 |
| About This Chapter |
1 |
| Before You Begin |
1 |
| Lesson 1: Network Services Overview |
2 |
| TCP/IP |
2 |
| Domain Name System |
2 |
| Dynamic Host Configuration Protocol |
3 |
| Windows Internet Name Service |
4 |
| Remote Access Overview |
4 |
| Network Address Translator |
6 |
| Certificate Services |
7 |
| Lesson Summary |
8 |
| Lesson 2: Developing a Network Implementation Plan |
9 |
| Operating System Considerations |
9 |
| Phases of Deployment |
11 |
| Hardware Considerations |
12 |
| Interaction with Legacy Systems |
12 |
| Network Protocol Considerations |
12 |
| Lesson Summary |
13 |
| Lesson 3: Common Protocols Supported by Windows 2000 |
14 |
| Transmission Control Protocol/Internet Protocol |
14 |
| NWLink |
18 |
| NetBEUI |
19 |
| AppleTalk |
19 |
| Data Link Control |
19 |
| Infrared Data Association |
19 |
| Lesson Summary |
20 |
| Review |
21 |
| Chapter 2 Implementing TCP/IP |
23 |
| About This Chapter |
23 |
| Before You Begin |
23 |
| Lesson 1: TCP/IP Overview |
24 |
| Benefits of TCP/IP |
24 |
| Architectural Overview of the TCP/IP Protocol Suite |
26 |
| Transmission Control Protocol |
29 |
| Internet Protocol (IP) |
29 |
| User Datagram Protocol |
30 |
| Lesson Summary |
30 |
| Lesson 2: Internet Protocol Addressing |
31 |
| The IP Address |
31 |
| Dotted-Decimal Notation |
33 |
| IP Address Conversion from Binary to Decimal |
33 |
| Address Classes |
34 |
| IP Address Guidelines |
35 |
| Lesson Summary |
36 |
| Lesson 3: Microsoft TCP/IP Installation and Configuration |
37 |
| Installing TCP/IP |
37 |
| Practice: Installing the TCP/IP Protocol |
37 |
| Configuring TCP/IP |
38 |
| Testing TCP/IP with Ipconfig and PING |
41 |
| Configuring Packet Filters |
43 |
| Practice: Implementing IP Packet Filters |
43 |
| Lesson Summary |
44 |
| Lesson 4: Basic Concepts of IP Routing |
45 |
| Overview of Routing |
45 |
| Static and Dynamic IP Routing |
47 |
| Practice: Updating a Windows 2000-Based Routing Table |
47 |
| Lesson Summary |
50 |
| Review |
51 |
| Chapter 3 Implementing NWLink |
53 |
| About This Chapter |
53 |
| Before You Begin |
53 |
| Lesson 1: Introducing NWLink |
54 |
| Interoperability with NetWare |
54 |
| NWLink and Windows 2000 |
55 |
| NWLink Architecture |
56 |
| Lesson Summary |
60 |
| Lesson 2: Using Gateway Service for NetWare |
61 |
| Gateway Service for NetWare Overview |
61 |
| Understanding Gateway Service for NetWare and Gateways |
61 |
| Installing Gateway Service for NetWare |
62 |
| Creating a Gateway |
64 |
| Connecting Directly to NetWare Resources |
66 |
| Lesson Summary |
66 |
| Lesson 3: Using Client Service for NetWare |
67 |
| NetWare Connectivity |
67 |
| Choosing Between Client Service forNetWare and Gateway Service for NetWare |
67 |
| Configuring Client Service for NetWare |
68 |
| Lesson Summary |
69 |
| Lesson 4: Installing and Configuring NWLink |
70 |
| Windows 2000 Professional and NetWare Connectivity |
70 |
| Internal Network Number |
71 |
| Frame Type and Network Number |
72 |
| Configuring NWLink |
74 |
| Practice: Installing and Configuring NWLink |
75 |
| Lesson Summary |
76 |
| Review |
77 |
| Chapter 4 Monitoring Network Activity |
b |
| About This Chapter |
79 |
| Before You Begin |
79 |
| Lesson 1: Introducing Network Monitor |
80 |
| Understanding Network Monitor |
80 |
| Practice: Installing Network Monitor |
80 |
| Lesson Summary |
82 |
| Lesson 2: Using Network Monitor |
83 |
| Examining Frames |
83 |
| Viewing Data |
83 |
| Using Display Filters |
86 |
| Reviewing Captured Data |
87 |
| Practice: Capturing Frames with Network Monitor |
89 |
| Network Monitor Performance Issues |
89 |
| Detecting Network Monitor |
89 |
| Lesson Summary |
90 |
| Lesson 3: Windows 2000 Administration Tools |
91 |
| Windows 2000 Administration Capabilities |
91 |
| Terminal Services |
91 |
| Simple Network Management Protocol (SNMP) |
95 |
| Lesson Summary |
97 |
| Review |
98 |
| Chapter 5 Implementing IPSec |
99 |
| About This Chapter |
99 |
| Before You Begin |
99 |
| Lesson 1: Introducing and Enabling IPSec |
100 |
| Internet Protocol Security |
100 |
| In-Depth Defense |
101 |
| Benefits of IPSec |
101 |
| IP Security Process |
104 |
| IPSec Architecture |
104 |
| Considerations for IPSec |
107 |
| Lesson Summary |
108 |
| Lesson 2: Configuring IPSec |
109 |
| Prerequisites for Implementing IPSec |
109 |
| How to Implement IPSec |
109 |
| Configuring IPSec Policies |
109 |
| Connection Types |
110 |
| Authentication Method |
111 |
| IP Packet Filtering |
112 |
| Filter Actions |
115 |
| Additional IPSec Tasks |
116 |
| Practice: Testing IPSec |
117 |
| Lesson Summary |
118 |
| Lesson 3: Customizing IPSec Policies and Rules |
119 |
| Policy-Based Security |
119 |
| IP Filters and Filter Specifications |
120 |
| Security Methods and Negotiation Policies |
121 |
| IPSec Through Firewalls |
122 |
| IPSec Through NAT and Proxies |
122 |
| Other IPSec Considerations |
123 |
| TCP/IP Properties |
125 |
| Practice: Building a Custom IPSec Policy |
125 |
| Lesson Summary |
128 |
| Lesson 4: Monitoring IPSec |
129 |
| IPSec Management and Troubleshooting Tools |
129 |
| Using Network Monitor |
131 |
| Practice: Using Network Monitor to View Clear Text Traffic |
131 |
| Practice: Using Network Monitor to View Encrypted Traffic |
132 |
| Practice: Using Diagnostic Aids |
133 |
| Lesson Summary |
134 |
| Review |
135 |
| Chapter 6 Resolving Network Host Names |
b |
| About This Chapter |
137 |
| Before You Begin |
137 |
| Lesson 1: TCP/IP Naming Schemes |
138 |
| Windows 2000 Naming Schemes |
138 |
| Lesson Summary |
139 |
| Lesson 2: Host Names |
140 |
| Understanding Host Names |
140 |
| Purpose of Host Names |
140 |
| Host Name Resolution |
141 |
| Lesson Summary |
145 |
| Lesson 3: The Hosts File |
146 |
| Understanding the HOSTS File |
146 |
| Advantage of Using a HOSTS File |
147 |
| Practice: Working with the HOSTS File and DNS |
147 |
| Lesson Summary |
148 |
| Review |
149 |
| Chapter 7 Implementing Domain Name System (DNS) |
151 |
| About This Chapter |
151 |
| Before You Begin |
151 |
| Lesson 1: Introducing DNS |
152 |
| DNS Origins |
152 |
| DNS and Windows 2000 |
152 |
| How DNS Works |
153 |
| The Structure of DNS |
154 |
| Zones |
155 |
| Name Server Roles |
156 |
| Lesson Summary |
157 |
| Lesson 2: Name Resolution and DNS Files |
158 |
| Recursive Queries |
158 |
| Iterative Queries |
158 |
| Inverse Queries |
159 |
| Caching and Time to Live |
160 |
| DNS Configuration Files |
160 |
| The Reverse Lookup File |
161 |
| The Cache File |
162 |
| The Boot File |
162 |
| Lesson Summary |
163 |
| Lesson 3: Planning a DNS Implementation |
164 |
| DNS Considerations |
164 |
| Registering with the Parent Domain |
164 |
| Practice: Implementing DNS |
165 |
| Lesson Summary |
171 |
| Lesson 4: Installing DNS |
172 |
| Practice: Installing the DNS Server Service |
172 |
| Troubleshooting DNS with NSLOOKUP |
174 |
| Lesson Summary |
176 |
| Lesson 5: Configuring DNS |
177 |
| Configuring DNS Server Properties |
177 |
| Adding DNS Domains and Zones |
179 |
| Practice: Configuring a DNS Server |
180 |
| Adding Resource Records |
181 |
| Configuring Reverse Lookup |
182 |
| Lesson Summary |
182 |
| Review |
183 |
| Chapter 8 Using Windows 2000 Domain Name Service |
185 |
| About This Chapter |
185 |
| Before You Begin |
185 |
| Lesson 1: Working with Zones |
186 |
| Delegating Zones |
186 |
| Configuring Zones for Dynamic Update |
189 |
| Practice: Enabling Dynamic Updates |
190 |
| Lesson Summary |
191 |
| Lesson 2: Working with Servers |
192 |
| Overview of DNS Servers and Caching |
192 |
| Implementing a Caching-Only Server |
192 |
| Monitoring DNS Server Performance |
194 |
| Practice: Testing a Simple Query on a DNS Server |
194 |
| Lesson Summary |
196 |
| Review |
197 |
| Chapter 9 Implementing Windows Internet Name Service
(WINS).. |
199 |
| About This Chapter |
199 |
| Before You Begin |
199 |
| Lesson 1: Introduction to WINS |
200 |
| Name Resolution with NetBIOS |
200 |
| WINS Overview |
203 |
| WINS and Windows 2000 |
204 |
| Lesson Summary |
205 |
| Lesson 2: The WINS Resolution Process |
206 |
| Resolving NetBIOS Names with WINS |
206 |
| Name Registration |
207 |
| Name Renewal |
208 |
| Name Release |
209 |
| Name Query and Name Response |
210 |
| Lesson Summary |
211 |
| Lesson 3: Implementing WINS |
212 |
| When to Use WINS |
212 |
| Considerations for WINS Servers |
213 |
| WINS Requirements |
213 |
| Using Static Mappings |
214 |
| Practice: Configuring a WINS Client |
216 |
| Troubleshooting WINS |
217 |
| Managing and Monitoring WINS |
219 |
| Lesson Summary |
219 |
| Lesson 4: Configuring WINS Replication |
220 |
| Replication Overview |
220 |
| Configuring a WINS Server as a Push or Pull Partner |
220 |
| Configuring Database Replication |
221 |
| Practice: Performing WINS Database Replication |
222 |
| Backing Up the WINS Database |
224 |
| Lesson Summary |
225 |
| Review |
226 |
| Chapter 10 Implementing Dynamic Host Configuration
Protocol (DHCP).. |
227 |
| About This Chapter |
227 |
| Before You Begin |
227 |
| Lesson 1: Introducing and Installing DHCP |
228 |
| DHCP Overview |
228 |
| How DHCP Works |
229 |
| Installing a DHCP Server |
233 |
| Ipconfig |
234 |
| DHCP Relay Agent |
236 |
| Lesson Summary |
236 |
| Lesson 2: Configuring DHCP |
237 |
| Using DHCP on a Network |
237 |
| Installing and Configuring a DHCP Server |
238 |
| Implementing Multiple DHCP Servers |
243 |
| Lesson Summary |
244 |
| Lesson 3: Integrating DHCP with Naming Services |
245 |
| DNS and DHCP |
245 |
| Lesson Summary |
248 |
| Lesson 4: Using DHCP with Active Directory |
249 |
| Windows 2000 Integrated IP Management |
249 |
| Rogue DHCP Server Detection Feature |
250 |
| Lesson Summary |
250 |
| Lesson 5: Troubleshooting DHCP |
251 |
| Preventing DHCP Problems |
251 |
| Troubleshooting DHCP Clients |
252 |
| Troubleshooting DHCP Servers |
255 |
| Moving the DHCP Server Database |
257 |
| Lesson Summary |
258 |
| Review |
259 |
| Chapter 11 Providing Your Clients Remote Access
Service (RAS).. |
261 |
| About This Chapter |
261 |
| Before You Begin |
261 |
| Lesson 1: Introducing Remote Access Service |
262 |
| Overview of Remote Access Service |
262 |
| Routing and Remote Access Features |
263 |
| Enabling Routing and Remote Access |
265 |
| Practice: Installing a Routing and Remote Access Server |
266 |
| Remote Access Versus Remote Control |
267 |
| Lesson Summary |
269 |
| Lesson 2: Configuring a Routing and Remote Access Server |
270 |
| Allowing Inbound Connections |
270 |
| Creating a Remote Access Policy (RAP) |
271 |
| Practice: Creating a New Remote Access Policy |
274 |
| Configuring a Remote Access Profile |
275 |
| Practice: Creating a Policy Filter |
276 |
| Configuring Bandwidth Allocation Protocol (BAP)
| 277 |
| Lesson Summary |
278 |
| Lesson 3: Implementing IP Routing on a Remote Access Server |
279 |
| Installing IP Routing |
279 |
| Practice: Enabling and Configuring a Routing and Remote Access Server |
279 |
| Updating the Routing Tables |
280 |
| Implementing Demand-Dial Routing |
282 |
| Lesson Summary |
285 |
| Lesson 4: Supporting Virtual Private Networks |
286 |
| Implementing a VPN |
286 |
| Integrating VPN in a Routed Environment |
288 |
| Integrating VPN Servers with the Internet |
288 |
| Practice: Creating VPN Interfaces |
290 |
| Lesson Summary |
291 |
| Lesson 5: Supporting Multilink Connections |
292 |
| Point-to-Point Protocol |
292 |
| Multilink PPP |
292 |
| Lesson Summary |
293 |
| Lesson 6: Using Routing and Remote Access with DHCP |
295 |
| Routing and Remote Access and DHCP |
294 |
| DHCP Relay Agent |
294 |
| Practice: Configuring the DHCP Relay Agent to Work over Routing and Remote Access |
295 |
| Lesson Summary |
295 |
| Lesson 7: Managing and Monitoring Remote Access |
296 |
| Logging User Authentication and Accounting Requests |
296 |
| Accounting |
298 |
| Netsh Command-Line Tool |
299 |
| Network Monitor |
300 |
| Resource Kit Utilities |
300 |
| Lesson Summary |
301 |
| Review |
302 |
| Chapter 12 Supporting Network Address Translation
(NAT).. |
303 |
| About This Chapter |
303 |
| Before You Begin |
303 |
| Lesson 1: Introducing NAT |
304 |
| Network Address Translation |
304 |
| Public and Private Addresses |
305 |
| How NAT Works |
307 |
| NAT Processes in Windows 2000 Routing and Remote Access |
309 |
| Additional NAT Routing Protocol Components |
312 |
| Lesson Summary |
313 |
| Lesson 2: Installing Internet Connection Sharing |
314 |
| Internet Connection Sharing |
314 |
| Internet Connection Sharing and NAT |
317 |
| Troubleshooting Connection Sharing (NAT) |
318 |
| Lesson Summary |
319 |
| Lesson 3: Installing and Configuring NAT |
320 |
| Network Address Translation Design Considerations |
320 |
| Virtual Private Networks and NATs |
324 |
| Lesson Summary |
325 |
| Review |
326 |
| Chapter 13 Implementing Certificate Services |
327 |
| About This Chapter |
327 |
| Before You Begin |
327 |
| Lesson 1: Introducing Certificates |
328 |
| Overview of Certificates |
328 |
| Enterprise and Stand-Alone CAs |
330 |
| Types of CAs |
331 |
| Lesson Summary |
332 |
| Lesson 2: Installing and Configuring Certificate Authority |
333 |
| Deploying a CA |
333 |
| Protecting a CA |
334 |
| Certificate Enrollment |
334 |
| Practice: Installing a Stand-Alone Subordinate CA |
337 |
| Certificate Renewal |
339 |
| Certificate and Key Recovery |
339 |
| Lesson Summary |
341 |
| Lesson 3: Managing Certificates |
342 |
| Revoked Certificates |
342 |
| Issued Certificates |
342 |
| Pending Requests |
342 |
| Failed Requests |
342 |
| How a Certificate Is Issued |
343 |
| Certificate Revocation |
343 |
| Practice: Revoking a Certificate |
344 |
| EFS Recovery Policy |
344 |
| Practice: Changing a Recovery Policy |
345 |
| Lesson Summary |
346 |
| Review |
347 |
| Chapter 14 Implementing Enterprise-Wide Network Security |
349 |
| About This Chapter |
349 |
| Before You Begin |
349 |
| Lesson 1: Implementing Network Security |
350 |
| Planning for Network Security |
350 |
| Planning Distributed Network Security |
353 |
| Internet Connection Issues |
354 |
| Microsoft Proxy Server |
355 |
| Lesson Summary |
356 |
| Lesson 2: Configuring Routing and Remote Access Security |
357 |
| Overview of Remote Access |
357 |
| Configuring Protocols for Security |
358 |
| Practice: Using Security Protocols
for a Virtual Private Network Connection |
359 |
| Creating Remote Access Policies |
360 |
| Using Encryption Protocols |
361 |
| Lesson Summary |
363 |
| Lesson 3: Monitoring Security Events |
364 |
| Monitoring Your Network Security |
364 |
| Using Event Viewer to Monitor Security |
365 |
| Practice: Recording Failed Logon Attempts |
365 |
| Practice: Viewing the Security Log |
367 |
| System Monitor |
368 |
| The IPSec Monitor Utility |
369 |
| Monitoring Security Overhead |
370 |
| Lesson Summary |
371 |
| Review |
372 |
| Appendix A Questions and Answers |
375 |
| Glossary |
389 |
| Index |
415 |
