ebook img

Windows Server 2012 Unified Remote Access Planning and Deployment PDF

328 Pages·2012·15.471 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Windows Server 2012 Unified Remote Access Planning and Deployment

Windows Server 2012 Unified Remote Access Planning and Deployment Discover how to seamlessly plan and deploy remote access with Windows Server 2012's successor to DirectAccess Erez Ben-Ari Bala Natarajan professional expertise distilled P U B L I S H I N G BIRMINGHAM - MUMBAI Windows Server 2012 Unified Remote Access Planning and Deployment Copyright © 2012 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: December 2012 Production Reference: 1141212 Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK. ISBN 978-1-84968-828-4 www.packtpub.com Cover Image by Artie Ng ([email protected]) Credits Authors Project Coordinator Erez Ben-Ari Abhishek Kori Bala Natarajan Proofreaders Mario Cecere Reviewers Jordan Krause Bob Phillips Jochen Nickel Stephen Swaney John Redding Indexer Tejal Soni Acquisition Editor Robin de Jongh Graphics Aditi Gajjar Lead Technical Editor Unnati Shah Production Coordinator Arvindkumar Gupta Technical Editors Jalasha D'costa Kirti Pujari Cover Work Arvindkumar Gupta Prasad Dalvi About the Authors Erez Ben-Ari is an experienced Technologist and Journalist, and has worked in the Information Technology industry since 1991. During his career, Erez has provided security consulting and analysis services for some of the leading companies and organizations in the world, including Intel, IBM, Amdocs, CA, HP, NDS, Sun Microsystems, Oracle, and many others. His work has gained national fame in Israel, and he has featured in the press regularly. Having joined Microsoft in 2000, Erez has worked for many years in Microsoft's Development Center in Israel, where Microsoft's ISA Server was developed. Being a part of the release of ISA 2000, ISA 2004, and ISA 2006, Erez held several roles in different departments, including Operation engineering, Software testing, Web-based software design, and testing automation designs. Now living in the United States, Erez still works for Microsoft, currently as a Senior Support Escalation Engineer for Forefront Edge technologies, which include Forefront UAG and TMG. As a writer, Erez has been a journalist since 1995, and has written for some of the leading publications in Israel and in the United States. He has been a member of the Israeli National Press Office since 2001, and his personal blogs are read by thousands of visitors every month. Erez has also written, produced, and edited content for TV and radio, working for Israel's TV Channel 2, Ana-Ney Communications, Radio Haifa, and other venues. Erez has also authored four other titles, including Microsoft Forefront UAG 2010 Administrator's Handbook, Packt Publishing and Mastering Microsoft Forefront UAG 2010 Customization, Packt Publishing. His publications have been critically acclaimed, earning 5-star reviews from all readers and have been a monumental success. They have paved the way for many customers to deploy these solutions in some of the largest organizations in the world. To my dear colleagues Mohit Saxena, Billy Price, and Tarun Sachdeva, and to my co-author Bala, for supporting me and helping me in my quest to master this technology and bring it to light. Bala Natarajan has an engineering degree in Electronics & Instrumentation from India. He graduated in 1987 and started his career as a System Support Engineer for Unix, Novell NetWare, and MSDOS. From 1994 onwards, he specialized in Computer Networking to provide large enterprises in India with design and support for LAN and WAN networking using Cisco and Nortel networking gears. He moved to the US and worked in a large telecom company as a dedicated Support Engineer to connect over 300 school districts in the state of Washington. He joined Microsoft in 1998 as a Support Engineer in the Platforms Networking team and the Enterprise Security team. He worked as a pre-release product Support Engineer for TMG 2010, UAGDA. In 2011, he moved to the Windows Core networking team as a Program Manager for DirectAccess. About the Reviewers Jordan Krause is a Microsoft MVP for the Forefront network security technologies, and specializes in DirectAccess, which is a part of Forefront Unified Access Gateway (UAG) 2010 and the new Unified Remote Access (URA) in Windows Server 2012. As a Senior Engineer and Security Specialist for IVO Networks, he spends the majority of each workday planning, designing, and implementing DirectAccess using IVO's DirectAccess Concentrator security appliances for companies of all shapes and sizes. Committed to continuous learning, Jordan holds Microsoft certifications as an MCP, MCTS, MCSA, and MCITP Enterprise Administrator. He regularly writes tech notes and articles about some of the fun and exciting ways that DirectAccess can be used, here: http://www.ivonetworks.com/news/. Thank you to Ben and Bala for putting together this great resource. Bala, I appreciate your time answering my questions the last time I was in Redmond. Ben, what can I say? Thank you for your friendship. I would also like to thank the crew at IVO, without whom I would have missed out on many amazing opportunities. Jochen Nickel is an Identity and Access Management Consultant working for Inovit GmbH in Switzerland, and tries everyday to understand new business needs of his customers, to provide a better, more comfortable, and flexible workstyle through Microsoft Remote Access technologies. He has been working in a lot of projects, proofs of concepts, and workshops with Direct Access and Forefront Unified Access Gateway since they were added to the Microsoft Remote Access technologies. Jochen is very focused on DirectAccess, Forefront Unified Access Gateway, Active Directory Federation Services, and Forefront Identity Manager. Newly added to his interests is Dynamic Access Control in Windows Server 2012. Furthermore, he developed and wrote a lot of workshops and articles about these topics. His greatest passion is to spend as much time as possible with his family to get back the energy to handle such nice and interesting technologies. He regularly blogs at www.inovit.ch/blog.idam.ch. I would like to thank Ben for giving me the chance and the opportunity to be a small helper in this project by serving as a technical reviewer. John Redding has worked as a Technical Support Engineer on various Internet server products such as the first generation Netscape SuiteSpot and the second generation iPlanet server suite since the mid 90s. In 2003, John joined Whale Communications, where he worked as a Senior Support Engineer for the e-Gap and IAG SSL VPN products, which ultimately led to product support for UAG. John Redding is currently a Senior Consultant in the Identity and Access Management group at Certified Security Solutions, where he regularly does DirectAccess deployments. www.PacktPub.com Support files, eBooks, discount offers and more You might want to visit www.PacktPub.com for support files and downloads related to your book. Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details. At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks. http://PacktLib.PacktPub.com Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books. Why Subscribe? • Fully searchable across every book published by Packt • Copy and paste, print and bookmark content • On demand and accessible via web browser Free Access for Packt account holders If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access. Instant Updates on New Packt Books Get notified! Find out when new books are published by following @PacktEnterprise on Twitter, or the Packt Enterprise Facebook page. Table of Contents Preface 1 Chapter 1: Understanding IPv6 and IPv4-IPv6 Interoperability 17 My network's fine, so if it ain't broken, why fix it? 18 The IPv6 addressing schemes 19 IPv6 address assignment 22 IPv6 and name resolution 24 A little more about DNS 25 Multiple stacks 26 Operating system compatibility 27 Protocol transition technologies 28 ISATAP 28 DNS64 and NAT64 30 6to4 31 Teredo 32 IP-HTTPS 34 Practical considerations for IPv6 and IPv4 36 Unified Remote Access and Group Policy 37 Public Key Infrastructure (PKI) 38 Summary 39 Chapter 2: Planning a Unified Remote Access Deployment 41 Server requirements and placement 42 Capacity planning for URA 43 Low-end server 45 High-end server 45 Server requirements – considerations 46 Basic scenarios 46 Network Location Server 47 URA certificates 48 Basic scenario considerations 49

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.