70-293_FORE.QXD 9/10/03 6

255_70-293_Fore.qxd 9/10/03 6:55 PM Page xliv

xliv

Foreword

Planning, implementing and maintaining an Internet connectivitystrategy We then turn to how to develop the best strategy for connecting yourcompany’s Windows Server 2003 network to the Internet.We discuss connectingthe LAN to the Internet using routed connections or translated connections (viaInternet Connection Sharing or the RRAS Network Address Translation compo-nent).You’ll learn about virtual private networking, and how to use both Internet-based VPNs and router-to-router VPNs to provide connectivity to the company’sLAN from remote locations or connect two branch offices.We discuss the intrica-cies of demand-dial/on-demand connections and persistent connections, andexplain the difference between one-way and two-way initiation.We also show youhow to use remote access policies to control VPN connections, and we discuss VPNprotocols supported by Windows Server 2003 and how to make VPN connectionsusing either the Point to Point Tunneling Protocol (PPTP) or the Layer 2Tunneling Protocol (L2TP).You’ll learn about VPN security and the authenticationand encryption protocols that make your virtual network private. Next, we take alook at the Internet Authentication Service (IAS), and how it can provide central-ized user authentication and authorization, centralized auditing and accounting, andextensibility and scalability.You’ll learn about IAS integration with Server 2003RRAS and how to control authentication via remote access policies.We show youhow to use the IAS MMC snap-in and how to implement monitoring of IAS, andwe discuss the use of the IAS Software Developers’ Kit (SDK).Then we delve alittle deeper into the IAS authentication methods, and discuss RADIUS accessserver support, wireless access points and authenticating switches. In the next sec-tion, we walk you through the process of using the Connection ManagerAdministration Kit (CMAK) to create service profiles, custom actions and customHelp, as well as VPN support, to make it easier for non-technical users to connectremotely without having to do complex configuration.We’ll talk about securityissues pertaining to Connection Manager, and show you how to prevent editing ofservice profile files, how to prevent users from saving their passwords, and how todistribute service profiles securely.

Planning, implementing and maintaining a name resolution strategy Youwill learn how to plan for the best way of resolving host names on your network.We’ll present an overview of host naming, and how host names are resolved usingthe hosts file and using DNS.We’ll discuss issues involved in designing a DNSnamespace, such as choosing the parent domain name, the conventions and limita-tions that govern host names, the relationship of DNS and the Active Directory,and how to support multiple namespaces.Then we move on to planning DNSserver deployment.You’ll find out how to factor in such things as number ofservers, server roles, server capacity and server placement.We’ll also show you howto plan for zone replication between your DNS servers, and we’ll address planninghttps://traloihay.net