| About This Book | xv |
| Intended Audience | xvi |
| Prerequisites | xvi |
| Reference Materials | xvii |
| About the Supplemental Course Materials CD-ROM | xvii |
| Features of This Book | xvii |
| Notes | xvii |
| Conventions | xviii |
| Chapter and Appendix Overview | xviii |
| Finding the Best Starting Point for You | xxi |
| Where to Find Specific Skills in This Book | xxi |
| Getting Started | xxvi |
| Software Requirements | xxvii |
| Setup Instructions | xxvii |
| The eBook | xxxv |
| Sample Readiness Review Questions | xxxv |
| The Microsoft Certified Professional Program | xxxv |
| Microsoft Certification Benefits | xxxvi |
| Requirements for Becoming a Microsoft Certified Professional | xxxviii |
| Technical Training for Computer Professionals | xxxix |
| Technical Support | xl |
| CHAPTER 1 Introduction to Networking Services Design | 1 |
| About This Chapter | 1 |
| Before You Begin | 1 |
| Lesson 1: Windows 2000 Networking Services Overview | 3 |
| Networking Services Within a Network | 3 |
| Networking Services in Windows 2000 | 5 |
| NAT | 7 |
| Microsoft Proxy Server 2.0 | 7 |
| DHCP | 8 |
| DNS | 8 |
| WINS | 8 |
| Routing and Remote Access | 9 |
| RADIUS | 9 |
| Lesson 2: Network Deployment Process | 10 |
| Phases in the Network Deployment Process | 10 |
| Personnel Responsible for Each Phase | 12 |
| Lesson 3: Aspects of a Networking Services Design | 14 |
| Networking Services Design Aspects | 14 |
| Essential Design Aspects | 15 |
| Security Design Aspects | 16 |
| Availability Design Aspects | 17 |
| Performance Design Aspects | 18 |
| Cost Design Aspects | 20 |
| Review | 22 |
| CHAPTER 2 Networking Protocol Design | 23 |
| About This Chapter | 23 |
| Before You Begin | 24 |
| Lesson 1: Designs That Include TCP/IP | 25 |
| TCP/IP in Windows 2000 | 25 |
| TCP/IP Design Requirements and Constraints | 27 |
| TCP/IP Design Decisions | 27 |
| TCP/IP in Networking Services Designs | 28 |
| Lesson 2: Essential TCP/IP Design Concepts | 30 |
| Essential IP Configuration Information | 30 |
| IP Addressing Scheme | 31 |
| IP Subnet Mask | 37 |
| Default Gateway | 40 |
| Variable Length Subnet Masks | 42 |
| Classless Interdomain Routing | 46 |
| Activity 2.1: Evaluating a TCP/IP Network Design | 48 |
| Lesson 3: TCP/IP Data Protection | 50 |
| IPSec and VPN in TCP/IP Data Protection | 50 |
| TCP/IP Data Protection with IPSec | 53 |
| TCP/IP Data Protection with VPN | 64 |
| TCP/IP Data Protection with TCP/IP Filters | 72 |
| Lesson 4: TCP/IP Optimization | 75 |
| Improving TCP/IP Availability and Performance | 75 |
| Activity 2.2: Completing a TCP/IP Design | 77 |
| Lab: Creating a TCP/IP Network Design | 79 |
| Review | 87 |
| CHAPTER 3 Multiprotocol Network Design | 89 |
| About This Chapter | 89 |
| Before You Begin | 90 |
| Lesson 1: Designs That Include Multiple Protocols | 91 |
| IPX, AppleTalk, and SNA Protocols in Windows 2000 | 91 |
| Multiprotocol Design Requirements and Constraints | 93 |
| Multiprotocol Design Decisions | 94 |
| IPX in Multiprotocol Designs | 94 |
| AppleTalk in Multiprotocol Designs | 95 |
| SNA in Multiprotocol Designs | 97 |
| Lesson 2: IPX Design Concepts | 99 |
| IPX Addressing Design | 99 |
| Determining IPX Frame Types | 102 |
| Connecting IPX Networks over IP Routed Networks | 104 |
| Protect IPX Traffic with VPN Tunnels | 104 |
| IPX Network and IP Network Interoperability | 106 |
| Activity 3.1: Evaluating a Networking Protocol Design | 107 |
| Lesson 3: AppleTalk Design Concepts | 109 |
| AppleTalk Addressing Design | 109 |
| AppleTalk Zone Design | 111 |
| Lesson 4: SNA Design Concepts | 113 |
| SNA Network Protocol Design | 113 |
| SNA and TCP/IP Integration | 114 |
| Activity 3.2: Completing a Network Protocol Design | 116 |
| Lab: Creating a Multiprotocol Network Design | 118 |
| Review | 129 |
| CHAPTER 4 IP Routing Designs | 131 |
| About This Chapter | 131 |
| Before You Begin | 132 |
| Lesson 1: Designs That Include IP Routing | 133 |
| IP Routing in Windows 2000 | 133 |
| IP Routing Design Requirements and Constraints | 134 |
| IP Routing Design Decisions | 135 |
| Edge of Network Scenario | 135 |
| Multiple Location Scenario | 137 |
| Single Location Scenario | 138 |
| Lesson 2: Essential IP Routing Design Concepts | 140 |
| Placing Routers in the Network Design | 140 |
| Integrating Routers into an Existing Network | 143 |
| Unicast Routing | 148 |
| Multicast Routing | 159 |
| DHCP Relay Agent | 161 |
| Activity 4.1: Evaluating an IP Routing Design | 163 |
| Lesson 3: Data Protection on Unsecured Segments | 166 |
| Filtering Unwanted IP Traffic | 166 |
| Router Identification | 168 |
| Router-to-Router Data Protection | 172 |
| Lesson 4: IP Routing Design Optimization | 175 |
| Improving IP Routing Availability and Performance | 175 |
| Activity 4.2: Completing an IP Routing Design | 177 |
| Lab: Creating an IP Routing Design | 179 |
| Review | 202 |
| CHAPTER 5 Multiprotocol Routing Designs | 203 |
| About This Chapter | 203 |
| Before You Begin | 204 |
| Lesson 1: Designs That Include Multiprotocol Routers | 205 |
| IPX and AppleTalk Routing in Windows 2000 | 205 |
| Multiprotocol Routing Design Requirements and Constraints | 207 |
| IP Routing Design Decisions | 207 |
| Edge of Network Scenario | 208 |
| IPX Tunneling Scenario | 210 |
| Lesson 2: IPX Routing Design Concepts | 212 |
| Placing Routers in the Network Design | 212 |
| Integrating Routers into an Existing Network | 216 |
| Internal IPX Network Numbers | 221 |
| IPX Router Information Management | 223 |
| Protecting IPX Traffic | 233 |
| Optimizing IPX Routing | 236 |
| Activity 5.1: Evaluating an IPX Routing Design | 238 |
| Lesson 3: AppleTalk Routing Design Concepts | 240 |
| Placing Routers in the Network Design | 240 |
| Router Interface Specifications | 241 |
| Determining AppleTalk Network Numbers | 243 |
| Selecting AppleTalk Seed Routers | 244 |
| Optimizing AppleTalk Routing | 246 |
| Activity 5.2: Evaluating an AppleTalk Routing Design | 248 |
| Lab: Creating a Multiprotocol Routing Design | 250 |
| Review | 275 |
| CHAPTER 6 Proxy Server in Internet and Intranet Designs | 277 |
| About This Chapter | 277 |
| Before You Begin | 278 |
| Lesson 1: Designs That Include Proxy Server | 279 |
| Microsoft Proxy Server 2.0 and Windows 2000 | 279 |
| Proxy Server Design Requirements and Constraints | 280 |
| Proxy Server Design Decisions | 281 |
| Internet Connectivity Designs | 281 |
| Web Content Caching Designs | 283 |
| IPX to IP Gateway Designs | 284 |
| Lesson 2: Essential Proxy Server Design Concepts | 287 |
| Placing Proxy Servers in the Network Design | 287 |
| Determining Proxy Server Interface Specifications | 290 |
| Specifying the Proxy Server LAT Information | 292 |
| Selecting the Proxy Server Client Support | 293 |
| Activity 6.1: Evaluating a Proxy Server Design | 295 |
| Lesson 3: Data Protection in Proxy Server Designs | 297 |
| Identifying Proxy Server Data Protection Methods | 297 |
| Protecting Private Network Resources | 300 |
| Restricting Access to Internet Resources | 303 |
| Lesson 4: Proxy Server Design Optimization | 307 |
| Identifying Proxy Server Optimization Techniques | 307 |
| Optimizing Internet Access | 311 |
| Optimizing Private Network Resource Access | 317 |
| Activity 6.2: Completing a Proxy Server Design | 321 |
| Lab: Creating a Proxy Server Design | 323 |
| Review | 332 |
| CHAPTER 7 NAT in Internet and Intranet Designs | 333 |
| About This Chapter | 333 |
| Before You Begin | 334 |
| Lesson 1: Designs That Include NAT | 335 |
| NAT and Windows 2000 | 335 |
| NAT Design Requirements and Constraints | 337 |
| NAT Design Decisions | 338 |
| Standalone SOHO Internet Connectivity Designs | 338 |
| Branch Office Connectivity Designs | 340 |
| Lesson 2: Essential NAT Design Concepts | 342 |
| Placing NAT in the Network Design | 342 |
| Determining NAT Server Interface Specifications | 343 |
| Providing Automatic IP Address Assignment | 345 |
| Providing DNS Name Resolution | 347 |
| Activity 7.1: Evaluating a NAT Design | 347 |
| Lesson 3: Data Protection in NAT Designs | 350 |
| Protecting SOHO Network Resources | 350 |
| Restricting Access to Internet Resources | 353 |
| Protecting Corporate Network Resources | 354 |
| Lesson 4: NAT Design Optimization | 357 |
| NAT Optimization Techniques | 357 |
| Activity 7.2: Completing a NAT Design | 359 |
| Lab: Creating a NAT Design | 361 |
| Review | 366 |
| CHAPTER 8 DHCP in IP Configuration Designs | 367 |
| About This Chapter | 367 |
| Before You Begin | 368 |
| Lesson 1: Designs That Include DHCP | 369 |
| DHCP and Windows 2000 | 369 |
| DHCP Design Requirements and Constraints | 370 |
| DHCP Design Decisions | 371 |
| IP Configuration Designs | 372 |
| Lesson 2: Essential DHCP Design Concepts | 376 |
| Determining Which Segments Require Automatic IP Configuration | 376 |
| Determining the DHCP Automatic IP Configuration Method | 378 |
| Determining DHCP Scopes and DHCP Scope Options | 384 |
| Activity 8.1: Evaluating a DHCP Design | 391 |
| Lesson 3: Configuration Protection in DHCP Designs | 394 |
| Preventing Unauthorized DHCP Servers | 394 |
| Preventing Unauthorized Users | 398 |
| Lesson 4: DHCP Design Optimization | 400 |
| Enhancing DHCP Availability | 400 |
| Improving DHCP Performance | 403 |
| Activity 8.2: Completing a DHCP Design | 406 |
| Lab: Creating a DHCP Design | 408 |
| Review | 424 |
| CHAPTER 9 DNS in Name Resolution Designs | 425 |
| About This Chapter | 425 |
| Before You Begin | 426 |
| Lesson 1: Designs That Include DNS | 427 |
| DNS and Name Resolution in Networking Services Designs | 427 |
| DNS and Windows 2000 | 428 |
| DNS Design Requirements and Constraints | 429 |
| DNS Design Decisions | 431 |
| DNS and Active Directory Designs | 431 |
| Traditional DNS Designs | 434 |
| Lesson 2: Essential DNS Design Concepts | 437 |
| Determining Domain Namespace Influences on DNS | 437 |
| Selecting the Zone Types | 445 |
| Determining the Placement of DNS Servers | 449 |
| Integrating DNS with Other Versions of DNS | 450 |
| Integrating DNS and WINS | 455 |
| Activity 9.1: Evaluating a DNS Design | 457 |
| Lesson 3: Name Resolution Protection in DNS Designs | 459 |
| Preventing Unauthorized Dynamic Updates to DNS Zones | 459 |
| Preventing Unauthorized Access to DNS Servers | 461 |
| Lesson 4: DNS Design Optimization | 464 |
| Enhancing DNS Availability | 464 |
| Improving DNS Performance | 469 |
| Activity 9.2: Completing a DNS Design | 472 |
| Lab: Creating a DNS Design | 475 |
| Review | 503 |
| CHAPTER 10 WINS in Name Resolution Designs | 505 |
| About This Chapter | 505 |
| Before You Begin | 506 |
| Lesson 1: Designs That Include WINS | 507 |
| WINS and Name Resolution in Networking Services Designs | 507 |
| WINS and Windows 2000 | 508 |
| WINS Design Requirements and Constraints | 511 |
| WINS Design Decisions | 511 |
| WINS and Microsoft Network Designs | 512 |
| Windows 2000 Without NetBT and WINS | 514 |
| Lesson 2: Essential WINS Design Concepts | 517 |
| Determining Which Segments Require NetBIOS Name Resolution | 517 |
| Selecting WINS Client Proxy Support | 519 |
| Selecting WINS Client Options | 521 |
| Determining WINS Server Placement | 523 |
| Selecting WINS Replication Methods | 526 |
| Activity 10.1: Evaluating a WINS Design | 533 |
| Lesson 3: Name Resolution Protection in WINS Designs | 535 |
| Preventing Unauthorized User Access | 535 |
| Lesson 4: WINS Design Optimization | 537 |
| Enhancing WINS Availability | 537 |
| Improving WINS Performance | 540 |
| Activity 10.2: Evaluating a WINS Design | 546 |
| Lab: Creating a WINS Design | 548 |
| Review | 560 |
| CHAPTER 11 Dial-Up Connectivity in Remote Access Designs | 561 |
| About This Chapter | 561 |
| Before You Begin | 563 |
| Lesson 1: Designs That Include Dial-Up Remote Access | 564 |
| Routing and Remote Access in Dial-Up Remote Access Designs | 564 |
| Routing and Remote Access and Windows 2000 | 566 |
| Dial-Up Remote Access Design Requirements and Constraints | 568 |
| Dial-Up Remote Access Design Decisions | 568 |
| Dial-Up Remote Access Designs | 569 |
| Lesson 2: Essential Dial-Up Remote Access Design Concepts | 572 |
| Determining the Placement of Remote Access Servers | 572 |
| Determining the Placement of Remote Access Servers | 573 |
| Selecting the Remote Access Client Support | 576 |
| Activity 11.1: Evaluating a Dial-Up Remote Access Design | 579 |
| Lesson 3: Data Protection in Dial-Up Remote Access Designs | 582 |
| Preventing Access to Private Network Resources | 582 |
| Protecting Confidential Remote Access Data | 584 |
| Lesson 4: Dial-Up Remote Access Design Optimization | 589 |
| Enhancing Dial-Up Remote Access Availability | 589 |
| Improving Dial-Up Remote Access Performance | 591 |
| Activity 11.2: Completing a Dial-Up Remote Access Design | 594 |
| Lab: Creating a Dial-Up Remote Access Design | 597 |
| Review | 630 |
| CHAPTER 12 VPN Connectivity in Remote Access Designs | 631 |
| About This Chapter | 631 |
| Before You Begin | 632 |
| Lesson 1: Designs That Include VPN Remote Access | 633 |
| Routing and Remote Access in VPN Remote Access Designs | 633 |
| Routing and Remote Access and Windows 2000 | 636 |
| VPN Remote Access Design Requirements and Constraints | 638 |
| VPN Remote Access Design Decisions | 638 |
| VPN Remote Access Designs | 639 |
| Lesson 2: Essential VPN Remote Access Design Concepts | 642 |
| Determining the Placement of VPN Remote Access Servers | 642 |
| Determining the Placement of Remote Access Servers | 643 |
| Selecting the Remote Access Client Support | 647 |
| Activity 12.1: Evaluating a VPN Remote Access Design | 650 |
| Lesson 3: Data Protection in VPN Remote Access Designs | 652 |
| Preventing Access to Private Network Resources | 652 |
| Protecting Confidential Remote Access Data | 657 |
| Lesson 4: VPN Remote Access Design Optimization | 661 |
| Enhancing VPN Remote Access Availability | 661 |
| Improving VPN Remote Access Performance | 664 |
| Activity 12.2: Completing a VPN Remote Access Design | 667 |
| Lab: Creating a VPN Remote Access Design | 669 |
| Review | 682 |
| CHAPTER 13 RADIUS in Remote Access Designs | 683 |
| About This Chapter | 683 |
| Before You Begin | 685 |
| Lesson 1: Designs That Include RADIUS | 686 |
| RADIUS in Remote Access Designs | 686 |
| RADIUS and Windows 2000 | 689 |
| RADIUS Design Requirements and Constraints | 689 |
| RADIUS Design Decisions | 690 |
| Outsourced Dial-Up Remote Access Designs | 690 |
| In-House Remote Access Designs | 691 |
| Partner Network Remote Access Designs | 694 |
| Lesson 2: Essential RADIUS Design Concepts | 696 |
| Determining the Number of RADIUS Clients and Servers | 696 |
| Determining the Placement of RADIUS Clients and Servers | 698 |
| Selecting the Connections Between RADIUS Clients and Servers | 699 |
| Selecting the Remote Access Client Support | 701 |
| Activity 13.1: Evaluating a RADIUS Design | 705 |
| Lesson 3: Data Protection in RADIUS Designs | 707 |
| Preventing Access to Private Network Resources | 707 |
| Protecting Confidential Remote Access Data | 710 |
| Lesson 4: RADIUS Design Optimization | 715 |
| Enhancing RADIUS Availability | 715 |
| Improving RADIUS Performance | 718 |
| Activity 13.2: Completing a RADIUS Design | 720 |
| Lab: Creating a RADIUS Design | 723 |
| Review | 743 |
| CHAPTER 14 Monitoring and Managing a Microsoft Windows 2000 Network | 745 |
| About This Chapter | 745 |
| Before You Begin | 746 |
| Lesson 1: Networking Services Monitoring and Management | 747 |
| Goals of Monitoring and Managing Networking Services | 747 |
| Components of a Networking Services Management Design | 750 |
| Critical Networking Services | 753 |
| Lesson 2: Responding to Changes in the Networking Services Status | 756 |
| Determining How Quickly to Respond to Status Changes | 756 |
| Selecting the Type of Response to Changes | 760 |
| Selecting the Method of Responding to Changes | 763 |
| Review | 767 |
| CHAPTER 15 Networking Services Design Optimization | 769 |
| About This Chapter | 769 |
| Before You Begin | 770 |
| Lesson 1: Essential Networking Services Optimization | 771 |
| Optimizing Designs for Applications | 771 |
| Optimizing Designs to Reduce the Number of Servers | 775 |
| Lesson 2: Data Protection and Optimization | 779 |
| Identifying the Security Requirements and Constraints | 779 |
| Selecting the Method of Security Optimization | 781 |
| Lesson 3: Advanced Design Optimization | 784 |
| Including Windows Clustering | 784 |
| Optimizing the Windows 2000 Configuration | 790 |
| Optimizing to Reduce Network Traffic | 794 |
| Lab: Creating an Optimized Networking Services Design | 797 |
| Review | 818 |
| APPENDIX Questions and Answers | 819 |
| GLOSSARY | 869 |
| INDEX | 913 |
