Through the all-user Remote Access Service (RAS) credential feature, a connection can be created with a set of credentials, including the user name and password, that are available to all users of a given computer.
Using Certificate Services and certificate management tools, you can deploy your own public key infrastructure (PKI). With a PKI, you can implement standards-based technologies, such as smart card logon capabilities, client authentication through Secure Sockets Layer (SSL) and Transport Layer Security (TLS), secure e-mail, digital signatures, and secure connectivity using Internet Protocol Security (IPSec). Using Certificate Services, you can set up and manage certification authorities (CAs) that issue and revoke X.509 v3 certificates. As a result, you are not dependent on commercial client authentication services, although you can integrate commercial client authentication into your PKI if you choose.
Credential Management provides a secure store of user credentials, including passwords and public key infrastructure (X.509) certificates. This provides a single sign-on experience for users, including roaming users.
Encrypting File System (EFS) technology is used to store encrypted files on NTFS volumes. Encrypted files and folders are easy to use and look like any other file or folder: available to authorized users but inaccessible to anyone else. EFS is particularly beneficial for mobile users who may face a higher risk of computer loss or theft. An unauthorized person who tries to access encrypted files or folders is prevented from doing so, even if the intruder has physical access to the computer. In Windows Server 2003 R2, EFS improvements give you the ability to authorize additional users to access encrypted files, encrypt offline files, and store encrypted files in Web folders.
The proxy component of Internet Authentication Service (IAS) supports the ability to separate the authentication and authorization of connection requests. The IAS proxy can forward a user authentication request to an external Remote Authentication Dial-In User Service (RADIUS) server for authentication, and then perform its own authorization using a user account in an Active Directory domain and a locally configured remote access policy. With IAS proxy, you can use alternate user authentication databases; however, connection authorization and restrictions are determined through local administration. In Windows Server 2003 R2, Standard Edition, you can configure IAS with a maximum of 50 RADIUS network access servers, a maximum of two remote RADIUS server groups, and unlimited users.
Internet Connection Firewall (ICF) provides a firewall for better Internet security. Designed for use in the home and small business, ICF provides protection on computers directly connected to the Internet. ICF is available for local area network (LAN) or dial-up networking, virtual private networking (VPN), and Point-to-Point Protocol over Ethernet (PPPoE) connections. It also prevents external sources from scanning ports and resources, such as file and printer shares. Note: This feature is not available in 64-bit versions of the Windows Server 2003 Family.
You can use Internet Protocol Security (IPSec) to secure communications within an intranet and to create secure virtual private network (VPN) solutions across the Internet. IPSec was designed by the Internet Engineering Task Force (IETF) as an industry standard for encrypting TCP/IP traffic.
Kerberos v5 is a mature, industry-standard network authentication protocol. Support for Kerberos v5 provides a fast, single sign-on process that gives users the access they need to enterprise resources, as well as to other environments that support this protocol. Through Kerberos v5, Windows Server 2003 R2 offers additional benefits, such as mutual authentication, where a client and server must both provide authentication, and delegated authentication, where a user's credentials are tracked end-to-end.