70-293_FORE.QXD 9/10/03 6

255_ - MCSE EXAM 70 293 PLANNING AND MAINTAINING A WINDOWS SERVER 2003 NETWORK INFRASTRUCTURE PHẦN 1 PPTX
MCSE EXAM 70 293 PLANNING AND MAINTAINING A WINDOWS SERVER 2003 NETWORK INFRASTRUCTURE PHẦN 1 PPTX

255_70-293_Fore.qxd 9/10/03 6:55 PM Page xlvii

Foreword

xlvii

works.We’ll discuss three cluster models: single node, single quorum device andmajority node set.Then we’ll talk about cluster deployment options, including N-node failover pairs, hot standby server/N+1, failover ring and random.You’ll learnabout cluster administration and we’ll show you how to use the cluster adminis-trator tool as well as provided command line tools. Next, we’ll discuss best practicesfor deploying server clusters.You’ll learn about hardware issues, especially thoserelated to network interface controllers, storage devices, power saving features andgeneral compatibility issues.We’ll discuss cluster network configuration and you’lllearn about multiple interconnections and node-to-node communication.We’ll talkabout the importance of binding order, adapter settings, and TCP/IP settings, andwe’ll discuss the default cluster group. Next, we’ll move on to the subject of secu-rity for server clusters.This includes physical security, public/mixed networks, pri-vate networks, secure remote administration of cluster nodes, security issuesinvolving the cluster service account and how to limit client access.We’ll also talkabout how to secure data in a cluster, how to secure disk resources, and how tosecure cluster configuration log files.The next section addresses how to makeNetwork Load Balancing (NLB) part of your high availability plan.We introduceyou to NLB concepts such as hosts/default host, load weight, traffic distributionand convergence and heartbeats.You’ll learn how NLB works, and the relationshipof NLB to clustering.We’ll show you how to manage NLB clusters using the NLBManager tool, remote management and the command line tools.We’ll also discussNLB error detection and handling. Next, we’ll move on to monitoring NLB usingthe NLB Monitor MMC snap-in or using the Windows Load Balancing Service(WLBS) cluster control utility.We discuss best practices for implementing and man-aging NLB, including issues such as multiple network adapters, protocols and IPaddressing, and NLB Manager logging. Finally, we address NLB security.

Planning, implementing and maintaining Internet Protocol Security Wethen turn to Windows Server 2003’s implementation of the Internet ProtocolSecurity protocol (IPSec).We start by introducing IPSec terminology and conceptsand explaining how IPSec works “under the hood” to secure data in transit overthe network.We discuss the purposes of IPSec encryption: authentication, integrityand confidentiality.You’ll learn about how IPSec operates in either of two modes:tunnel or transport.You’ll also learn about the protocols used by IPSec.Theseinclude the two primary protocols: the Authentication Header (AH) protocol andthe Encapsulating Security Payload (ESP) protocol.We’ll also discuss the roles ofadditional protocols used by IPSec, including the Internet Security and KeyManagement Protocol (ISAKMP), Internet Key Exchange (IKE), the Oakley keydetermination protocol and the Diffie-Hellman key agreement protocol.You’ll alsolearn about Server 2003’s IPSec components such as the IPSec driver and we’ll dis-cuss the relationship of IPSec to IPv6. Next, we’ll show you how to deploy IPSechttps://traloihay.net