2. winXP, p. 10
3. Xp, p. 19
4. Sysprep, p. 22
5. Group Policy, p. 36
6. Group Policy, p. 44
7. Group Policy, p. 52
8. p. 58
9. p. 64
10. Scripts, p. 75
11. dns, p. 79
16. USB Devices, p. 107
17. Shadow Copies, 2003, p. 134
18. Web Server, IIS 6.0, p. 151
19. Distributed File System, p. 164
20. Html, 2003, p. 196
21. Active Directory Sites and Services, p. 208
22. Additional Domain Controller, Replicate, p. 232
23. Additional Account Info, Active Directory, p. 246
24. Isa Server 2006, p. 252
25. Cache, ISA, p. 277
26. Internet Security And Acceleration Server 2004, p. 286
27. p. 304
28. configure Http, p. 332
29. p. 344
30. ToolBox, ISA 2004, p. 355
31. Isa2004, p. 373
32. Cache, p. 381
33. ISA Server, p. 385
34. p. 388
35. ftp, p. 396
36. VPN, p. 403
37. Domain Trusts, Child Domains and Additional Domain Controller, p. 413
5
..
.
%100
Windows XP Professional
1 :
2 :
: 3
winXP
!!
XP
IP ....
10
11
12
13
14
15
16
17
18
Proceed
Guest
XP
19
Xp ...
XP
.. ( .... ))
.
... :: 1 ::
( ) :.
1 // ) ( CDXP .
2 // support tools ...
support tools .
3 // DEPLOY.CAB ... ...
(( Extract-
)) . winzip
4 // ... ((
)) setupmgr.exe
.
:.
1 setupmgr.exe 20
((
DEPLOY.CAB ))
((
)) . 3
2 setupmgr.exe 2000 XP ... (( .))
5 // setupmgr.exe ....
) ( wizard
((
....
))
1. unattend.txt
2. unattend.bat
21
1 unattend.txt unattend.bat unattend.txt winnt.sif
<<< >>> unattend.txt /// winnt.sif /// unattend.bat
..
6 // .
....
DEPLOY.CAB
deploy.chm
XP ...
CD-ROM
22
Sysprep
Sysprep
-1 20
office
, nero , antivirus , ..
20
-2
..
sysprep
Norton ghost
( )
: sysprep hardware
slots
:
1- Microsoft Sysprep Tool
2- Disk imaging software (Norton ghost)
:
software
multiple user setup
Device Manager
23
Standard Intel
24
25
26
27
SUPPORT \ TOOLS
DEPLOY.CAB
28
Sysprep root \ C:
DEPLOY setupmgr.exe
29
30
31
license network
settings finish
32
33
cancel
sysprep.inf
34
i386
sysprep.exe
35
Factory
shutdown
Norton
ghost
36
Reseal
37
(Group Policy)
(Group Policy) ,
.
,
.
,
.
:
1 (Group Policy) .
2 (Group Policy) .
(Group Policy) (
,
) ,
Client .
(Group Policy)
, 2000 2000 .
(Group Policy)
,
.
(
)
38
,
2000 2000 XP
, 2003
,
(
)
39
XP
, 2000 2003
2000 XP .
40
:
(Group Policy)
, .
(Group Policy)
, , Setting
Supported On
.
41
Extended
.
( )
42
,
.
( )
43
(Group Policy) ,
,
:
Group Policy
gpmc
Firewall ,
NetBIOS .
:
44
Windows Server
2003 Enterprise Edition SP1 .
45
(Group policy)
:-
( )...... . . . . .
OU
1 OU2 OU OU
3- Group Policy
46
Edit
Enable
.
47
:-
1-
48
" "Active desktop:-
""Enabled
49
(Internet
)explorer
.
:-
50
.
Computer configuration
51
( , )
User Configuration > Administrative Templates > System
52
, system32 okok
Group Policy
53
OU
OU
...
OU
OU .
OU
...
Active Directory Users & Computers ( ...
! )
54
55
Deny
Apply Group Policy
...
56
(gpmc) ..
57
...
Group Policy OU
.
Delegation
Advanced ..
58
..
59
[][] (
!) [][]
group policy
xp 2000
start run
gpedit.msc ok
c d ..
..
administrator ..
..
..
enabled disabled
:
...
.
60
...
1- ..
2-
61
3- ( c: )
62
4- () .
63
5- .
64
OU Windows Firewall /
Group Policy
Windows Firewall : Protect all network Connections
:
:
Computer Configuration > Administrative Templates >
Network > Windows Firewall > Windows Firewall : Protect
all network Connections
Disabled
65
workgroup? domain
domain group policy ou group
policy
user configuration windows settings internet
explorer maintenance security security
zones and content rating
import the current security modify trust sites
, restricted sites
locally run
gpedit.msc
run
gpupdate /force,
.
Disable
66
-2 ,
Administrator Guest .
Administrator .
:
67
3 , ( ) ( ).
( )
:
68
69
70
( )
.
- 6 Properties My Computer ()
:
71
72
-6 .
,
,
:
: ,
:
PC1 :
73
.
: > > Run regedt32.exe :
74
, .
: My Computer () Management
:
75
.
,
Net school.
Program File .
, ,
.
76
Scripts ..
( ) , , , !!!
Logon/Logout
Scripts
Startup/Shutdown
Scripts
Logon
Script
( GPO ) ..
!!!
Profile ( ) ..
!!!
.
- -
Logon Script ..
*
1 : /XP 2000 .. :
Computer Managements\Local Users And
Groups\Users\{UserName}\Properties\Profile
77
/ /
..
( .. Schedule /
).
/ ..
Logon
Script.
* / Site Domain OU Sub-OU
Local GPO .. " " ..
) Scripts (Startup/Shutdown / .
.. ..
.. :
78
Startup ,
.
/
) Scripts (Logon/Logoff
.. :
Policy_name Policy/User Configuration/Windows Settings/Scripts
)(Logon/Logoff
79
.. / .
: / :
%SystemRoot%\system32\GroupPolicy\Machine\Scripts\{Logon/Logoff}
%SystemRoot%\system32\GroupPolicy\User\Scripts\{Logon/Logoff}
: :
%SystemRoot%\SYSVOL\sysvol\<DOMAIN>\Policies\<GUID>\USER\Scripts\{Logon/Logoff}
%SystemRoot%\SYSVOL\sysvol\<DOMAIN>\Policies\<GUID>\MACHINE\Scripts\{Startup/Shutdown}
: Logon Script :
\\{ComputerName}\NetLogon\
80
Dns
IIS 6.0
IP:
-1
Folder Site
Publish hi.html ..
81
-3 Wizard Next
..
-4 IP Next..
82
-5 Browse Folder
..
83
-6 Permission
Read Finish..
84
85
-8 Documents Add
Folder hi.html OK ..
86
-9 http://192.168.0.1
..
87
88
Record IP:
89
-11 www.security.com ..
90
12- ..
:
( )4 IP Web site..- ( )10 Name Resolving
91
-2 New Record:
92
-3 Ping..
93
-4 www.nemo.com ..
94
Dynamic Disk
2000 XP
Administrative Tools Computer Management
Disk Management
:
1- simple .
2- spanned
.
3- striped
( )
.
4- mirrored
.
5- RAID5
ECC
.
FAT32 NTFS
Convert to Dynamic Disk
.
.
(
)Universal Serial Bus (USB
( IEEE 1394 ) FireWire SCSI
). SCSI
,
group policy
95
2000 .
CD Rom .
.
.
gpedit.msc run
.
Local Computer Policy
Computer Configuration .
User Configuration .
.
Computer Configuration
.
Software Settings
Windows Settings
Administrative Templates
User Configuration
Computer Configuration
Software Settings
Windows Settings
Administrative Templates
Computer Configuration
.
User Configuration
.
96
Computer
Configuration User Configuration.
.
.
Software Settings
.
Computer
Configuration
.
User Configuration
Computer Configuration
.
Windows Settings
script (startup/shutdown)
.
startup
shutdown
Computer Configuration
User Configuration
97
.
startup add
.
security setting
.
.
account policies
.
Password policy
Account lockout policy
Password policy
98
: 998
2
.
.
:
.
99
.
:
.
.
100
Remote Desktop
Remote Desktop
Remote Desktop Users group
Domain controller
Domain controller policy
Domain controllers OU
:
computer settings - windows settings - security settings - local policies - user rights assignment - allow logon through terminal services
Remote Desktop Users group
Run
gpupdate /force
(windows XP)
performance and maintenance . control panel 1: administrative tools 2active directory users and -computer management
101
computers .
-local security policy .
-event viewer .
-performance .
-component services .
-services .
-data sources (ODBC) .
(local security policy):-
1 (local security policy) (account policies, local policies, public key policies, software restriction policies and IP security policies on local computer).
:
hackers .
2 (account policies): (password policy):
.. (enforce password history): (right click) (properties).. (do not keep password history) ....
password (5)
(hackers)
... !!!
.
(0) .
(maximum password age): (right click) (properties).. (password will expire in) .... password
(34) password (34)
password ..
(my computer\control panel\performance and maintenance\administrative tools\computer management)
password
102
(properties)..
: (account) (user) (username) (lockout) (policy)
account
user .. (user)
:
. .
(account lockout threshold): (right click) (properties).. (account will not lockout) ....
(password) password
(4) (invalid logon attempts) (4)
. hackers
.. (
!!!!!!!!!) . (reset account lockout counter after): (right click) (properties)..
(users)
(user) (remote access)
.
3 (local policies): (audit policy):
:
1-(audit account logon events): (right click) (properties).. (audit these attempts).. (success) (failure) (audit)..
(NETWORK):
(auditor)
(audit).. (audit)
(the TRUSTED USER)
.. (audit account logon events)
104
(SERVER)
(auditing) ..
server hosts (administrator) (server)
(server) (success) (access) (client)
(host) (failure) (success).
2-(audit policy change): (right click) (properties).. (audit these attempts).. (success) (failure)
( user
account policy !!!!!!!!!!!!!!!
.
.
(user rights assignment)
.. :
:
1-(access this computer from the network): (right click) (properties)..
: (add user or group) (remove).. (access this computer from the network) (
network ) : (users-administrators-everyone-backup operators-power users-guest)
: (add user or group)
.. .
2-(deny access to this computer from the network): (right click) (properties)..
: (add user or group) (remove).. (deny access to this computer from the network) (
network ) : (users-administrators-everyone-backup operators-power users-guest)
: (add user or group)
.. .
3-(force shutdown from a remote system): (right click) (properties)..
: (add user or group) (remove).. (access this computer from the network).. (
105
(remote access) system (registry) (
) : (search) (blackcode) (registry).
4 : (right click) (my computer) (properties). (remote).. . (advanced).. . (allow this computer to be controlled remotely).
() . (RUN) (username) (password)
hackers (administrative tools)
. . .
xp
xp run
1- cleanmgr.exe .
2- cmd.exe
3- dxdiag.exe direct X .
4- regedt32.exe .
5- taskmgr.exe ( Ctrl+Alt + Del
).
6- certmgr.msc certificates .
106
7- ciadv.msc xp .
8- compmgmt.msc .
9- diskmgmt.msc
.
10 - devmgmt.msc device manager .
11- dfrg.msc .
12- eventvwr.msc event viewer .
13- fsmgmt.msc shared folders .
14 - gpedit.msc group policy
.
15- lusrmgr.msc local users and
groups
16 - ntmsmgr.msc .
17 - perfmon.msc .
18- secpol.msc xp .
19 - services.msc services
.
107
Client
Remote Access Server
Remote Access
Client
..
Network Connections ...
Start>settings>network Connections
108
109
Next
110
VPN Dial-up
111
Dial-up
VPN
Dial-up
server ..
VPN Next
112
...NEXT
IP
VPN IP Public IP Address
...
113
IPNEXT
finish
114
Network Connections
ArabsGate VPN ....
ArabsGate
Connect
115
116
117
(
USB Devices
Flash Memory External HDD
USB
USB
Removable Devices
Group Policy Management Console
:
http://download.microsoft.com/downl...8b5bb7/gpmc.msi
Administrative template
USB
:
http://www.petri.co.il/software/usb..._drives_adm.zip
118
119
120
setup
121
run gpmc.msc
122
123
124
Edit
125
126
Add
127
Administrative Template
128
129
ViewFiltering
130
131
132
133
group policy
management console
Active Directory OU
134
Shadow Copies 2003
2003 (
)VSS ( Volume Shadow Copy Service) .
,
.
,
.
,
.
2003 (
) Shadow Copies ) ( Snap Backup
,
, (
.
)
.
Shadow
Copies
.
.
.
.:
Copies
Shadow
135
2003
.
) ( VSS , 2003
,
, .
, ,
.
NTFS ,
.
: 3 ) NTFS (C,D,E
,
.
( ) (7:00 12:00) .
100
,
,
....
.
NTBackup ,
) (System Volume Information
Hidden , System
.
) ( Shadow Copies
136
, My Computer
Properties Shadow
:
Copies
, Computer Management
Storage Disk Management .
Shadow Copies ,
Enable .
,
.
Select a volume
:
137
NTFS .
Volume :
Shadow Copies of Selected volume .
, Settings
Storage Area: ( )
Located on this volume
,
.
,
138
.
100 ,
.
Maximum size .
,
,
.
64
.
Details : Details
.
Schedule : ,
,
139
, ,
.
,
Create Now ,
.
Create Now .
140
,
.
:
.
.
.
,
( )
Previous Versions :
141
142
Windows XP Windows
2003 , Windows 2000
,
Windows NT 4.0 Windows 98
.
Windows
ME
: Previous Versions
,
Previous Versions VSS .
UNC
:
\\Server_Name\Share_Name
, Run Start .
,
Previous
Versions
.
Previous
Versions ,
View
.
Copy .
143
144
Previous Versions ,
.
Previous Versions
.
,
.
,
,
.
,
Run
, : Run :
:
145
\\192.168.0.1\C$
$C 192.168.0.1
,
.
.
.
:
:
,
,
Computer Management
( Windows XP
)
.
146
147
4 Settings , , OK .
5 , , Create Now ,
.
:
1
4:
Volume Shadow Copies of selected ,
Delete Now .
:
148
, .
,
.
1 4:
Shadow Copies
Disable , Yes ,
.
:
,
,
.
1 , Windows Server 2003
Windows 2000 .
.
2 , .
,
) (Domain Controllers (Active
) Directory.
,
.
3 ) ( Cluster KB 16 .
149
Disk Defragmenter
Cluster KB 16
.
Windows Server 2003 Cluster 4 KB
, GB 2
.
Fat Convert
NTFS Convert , Convert
Cluster Bytes 512
Fat .
Acronis Disk Director
Suite Norton Partition Magic Cluster
, KB 16 ,
32 KB .64
Cluster ,
,
, KB 16 .
4 ( Mount) Point ) ( Mount Drive
NTFS .
,
.
,
.
5 Volume Shadow Copies .
6 Shadow Copies , Service
Pack 1
,
150
:
7 , ,
,
:
Previous Versions ,
.
, ,
.
:
Volume Shadow Copies
,
.
,
.
151
Web Server IIS 6.0
Folder
Site Publish
hi.html ..
2- IIS New Web Site..
3 Wizard Next ..
152
4- IP Next..
153
5 Browse Folder ..
154
155
156
157
9 http://192.168.0.1 ..
158
159
Record IP:
160
11- www.security.com ..
161
12 .. :
( )4 IP Web site.. ( )10 Name Resolving :
1 DNS NEW Primary Zone
nemo.com..
2- New Record:
162
163
3- Ping..
4- www.nemo.com ..
164
Map Network
Drive :
1- Start Run \\server2 OK
165
2- 2
166
4- Finish
5 3 4 Map6- 1 2 3
167
7- 3
8 3 4 Map Map .
Drives My Computer
. Distributed File System DFS.
DFS
. Map Map
.
DFS Root
168
1 DFS Root
Map Public Root .1
Public Root
Public Root .
169
Next
170
( ) test.local Next
171
Server1 Next
Root Next
172
Browse Root
. : C:\Public Root OK
173
Next
174
Finish
: Root
Links
Links Root
.
Root New Link
175
Link Users ( 2 ) .
( Link ) Browse
Users 2 OK
OK
176
Users 2 Root 1
Links 23
Links 7 2:3
Accounting 2
177
Graphic Design 2
IT 2
Marketing 2
178
Sales 3
Procedures 3
179
: 2000 Root .
: Links Root 2 3
. Link .
MapRoot
Root Public Root Root ManagersRoot.
Map :
1- Start Run ( ) OK
Roots DFS
180
3- P Finish
181
4- My Computer Drive P
182
2 3
5 1 3 ManagersRoot 2 M 3
6- My Computer Drive M
Links ManagersRoot
183
Root Target
Root
Root . Root
.
.
.
4 Root Public Root
:
184
:
PublicRoot New Root Target
185
( 4 )1 Next
186
Finish
Target Root
187
Root ManagersRoot
1 4
1 .
Replication
Target Root
Root (Replication).
PublicRoot Check Status
188
online
.
PublicRoot Configure Replication
189
Root 1 Next
Replication. Finish
190
Link Target
DFS .
Users 2 3
2 3 Targets Link
Users
Users.
Users 2 9 :
191
3 Users
Users permissions
( 2 )
192
Users 3 OK
193
Yes :
2 Next
Ring Finish
194
Link Users 3
2 Users
9 Users 2
Users 3 :
195
Users : 2
. 3
.
:
Root Root
196
Html
2003
2000 Terminal
Services .
Terminal Services
.2003
...
1 : Terminal Server
.2003
Terminal Server Terminal Licensing
Add Or Remove Control Panel .
Terminal Server Remote Desktop
.
Remote Desktop ,
Terminal Server .
Remote Desktop
.
197
HTML ,
Terminal Server ,
Remote Desktop ,
.
HTML (Remote Administration) HTML
IIS (Internet Information Services)
,
, 2003 IIS .
HTML .
1 Control Panel Add or Remove Programs Add / Remove Windows Components .
2 Application Server Details , Internet Information Services (IIS) Details ,
IIS ,
, NNTP Service
SMTP Service FTP Service , .
3 : Common Files , World Wide Web Service, Internet Information Services Manager .
World Wide Web Service Details ,
:
198
199
OK 3 Next , 2003
.
, HTML ,
IIS
200
IIS
, ,
.
2003 IIS ,
IIS:
201
202
203
Directory Security ,
.
,
Active Directory .
:
1- Anonymous access :
.
2- Integrated Windows authentication :
(Windows NT Challenge / Response)
.
3- Digest authentication for Windows Domain Servers :
(Domain) , .
,
HTTP 1.1 .
4- Basic authentication : (Domain) ,
, .
SSL ,
5- .NET Passport authentication :
HTTP , Jscript , .
204
,
Administration
HTML ,
Remote Desktop :
205
206
,
.
:
,
, .
IIS , (Meta Base)
XML .
IIS Manager ALL Tasks
Backup/Restore Configuration , :
207
208
,
,
,
.
, ,
HTML .
209
Active Directory
Domain Controllers .
....
) (WAN
( DSL ) T1
)(LAN ( Ethernet).
:
domain controllers 2 . IP 192.168.1.0
domain controller . IP 192.168.2.0
Domain test.local Domain Controllers Server1 Server2 Domain Controller Server3. ( T1 Mb 1.5 24). :
: Domain Controllers
210
.
Active Directory Sites and Services
Authentication (
Ctrl+Alt+Del).
T1
!
Mb 100 Mb 1.5
.
Active Directory Sites and Services.
Active Directory Sites and Services Start All Programs
Administrative Tools Active Directory Sites and Services
.
211
:( Site)
Site Default-First-Site-Name Riyadh
Default-First-Site-Name Rename
212
Riyadh Enter
: Site .
. Site
Sites New Site
213
Dammam DEFAULTIPSITELINK OK
OK
.
214
: Site
Site Site
215
Dammam OK
216
:( Subnet ) Site
IP 192.168.1.0 IP
.192.168.2.0
Subnet Subnets New Subnet
IP Subnet Mask OK
217
218
. Licensing Site
Settings Properties
Change ( ) SERVER1 OK
OK
.
Active Directory Sites and Services
:
220
( IP
192.168.2.11) . Authentication
( SERVER3 IP . 192.168.2.1) SERVER3
.192.168.2.0
Replication
Replication .
Replication Sites:
INTRA Site Replication )(Site
INTER Site Replication
User Active Directory SERVER1.
SERVER1 SERVER2 Site SERVER1 SERVER2
15 . SERVER2 .
INTRA Site Replication.
SERVER1 SERVER3 SERVER1
SERVER3 3 ( ) . SERVER3
. INTER Site Replication.
Replication (
SERVER1 SERVER2 ) SERVER3 SERVER1 NTDS
Settings.
SERVER3 Replicate Now
221
OK.
SERVER2:
222
Replication
(SERVER1 ) SERVER3 INTER Site Replication
Replication
(SERVER1 ) SERVER2 INTRA Site Replication
T1 Active Directory Sites and
Services . Inter-Site Transports IP.
Site Link T1 . Site Link
DEFAULTIPSITELINK
Site Link DEFAULTIPSITELINK Riyadh-Dammam
T1 Link DEFAULTIPSITELINK Rename:
223
Riyadh-Dammam T1 Link Enter
Riyadh-Dammam T1 Link Properties
Site Link .
224
:
Description: ()
Sites in this site link: .
Replicate Every: Replication .
180 ( ).
Change Schedule: Replication.
Replication 24 7/ ( ) .
Replication .
( Replication )
.
225
226
227
IP Add
228
OK .
229
DSL Kb 512
DSL Kb.256
Site Jeddah Site Links :
230
231
.. Replication
232
(Additional Domain Controller) Replicate
: Operation Master :
... ..
..
.
Error
: AD :
Active Directory :
1- schema
2- config
3- Domain
4- Application
( .... )
Catalog .
233
(
!) Child Domain .. .
....
.
: :
1 20032 250 3 ( AD ) NTFS .4 AD.5 AD DNS .6 : DSL Leased Line T1 .
:
1 2 : !
3- .
: !
:
1 .2 . !
RAHEL.COM ADDNS .
http://edu.arabsgate.com/showpost.p...1&postcount=159
DNS,DHCP . .
DC2 . .
2003.
!! !!
: START RUN dcpromo
.
:
( )
235
95 NT SP4
.
.. !
236
)
(
237
( )
238
( )
239
.
..
..
240
Additional Domain
Controller
241
.. Replicate
DC1 DC2 .
:
( ) ( )
242
1 /2 3- :
243
..
() DC2
244
DC1 Replicate
: DC2 DC1 .
...
:
245
( ) DC1 .
DC2
246
,
,
,
.
:
1 . 2 . 3 . 4 ( ) .
5 .6 ( SID ) .7 . 8 ( Group Policy ) .
9 . 10 . , ,
.
(Windows 2003 Resource Kit Tools) .
(
) Additional Account Info Active Directory
Active Directory Users and Computers .
(acctinfo.dll)
(Windows 2003 Resource Kit Tools)
247
:
Windows 2003 Resource Kit Support Tools (12mb)
:
1 (acctinfo.dll) :
%systemroot%\system32\
SystemRoot .
2 Run :
regsvr32 %systemroot%\system32\acctinfo.dll
,
Install.cmd .
3 Active Directory Users and Computers , Properties
248
249
250
,
UnInstall.cmd .
251
:
) (Additional Account Info ,
.
:
1 Domain Primary Domain , ChildDomain ) ( acctinfo.dll .
2 , Windows 2000 Server ,Windows Server 2003
252
Windows 2003 server Enterprise
Windows Server 2003 Standard Service
Pack 1 :
isa server 2006 standard edition :
ISA2K6EVLS_EN.exe
:
253
yes :
C:\ISA
Server 2006 Standard Edition CD :
254
255
256
257
258
internal network places
Properties
259
wan
Lan
:
:
Wan External :
lan Internal :
260
261
Add :
262
263
264
Install
:
265
266
267
2006
268
2006
Firewall Policy Access Rule
:
269
270
271
272
273
274
Apply :
2006
:
275
Firewall WebProxy Cache
...2006
..
2006 180
276
Cache ISA
2006
Cache :
Webcache
: 2006
: Partition NTFS
: 5
: % 20
:
Configuration Cache
) (0
:
:
277
278
:
Cache Properties
:
279
Apply
:
Cache New Cache Rule :
280
281
282
283
284
Apply
2006
100%
285
:
1-Monitoring
administrating
2-Firewall policy
3-Virtual private network
4-Networks
Internal & External
286
287
-Dashboard
client type
..
-Alerts
288
289
:
Cache
security
firewall
firewall service
5-Sessions
Secure nat , Firewall client , web proxy
290
291
292
!!!
firewall stop
293
isa administration
-logging
gfi web monitor isa administration
294
:
,,
..
.
firewall policy
295
: Firewall policy
rules
296
"
External " Internal
:
c
External Internal
,,
..
-- Create access rule :
297
All Access
298
Internal to External add
Source
299
internal
External Destination
300
301
302
303
304
:
Content type:
Schedule :
305
,,
306
" Schedule
NEW
307
In active
msn messenger protocol
308
....
309
Block
310
MSN Messenger
311
20
msn
msn
,,
: ,,
External
" LocalHost
localhost to external
312
313
ftp server
upload.
.
314
315
Description
316
computers
317
318
319
Internal
External
17
ISP work
Address range
320
address range
321
range
322
323
external
publish server
ftp server
324
325
( ) ftp server
326
FTP SERVER
327
21 ftp
328
21
329
Internal
FTP SERVER
330
331
internal to external
configure Http
332
]
Http header
executable exe
Block Responses containing
333
extension
334
add
335
extension
Description
336
337
338
p2p
configure Http policy
339
signatures
add signatures
340
kazaa signatures :
341
signatures microsoft
:
http://www.microsoft.com/technet/isa/2004/plan/commonapplicationsignatures.mspx
342
signature
343
) ( EMAIL CHECK
AUDIO
REDIRECT .
:
1 : URL SET :
NEW :
344
LOG IN 1
2 GMAIL LOGIN
3 LOGIN WILDCARDS.
HTTP:// .
RULE :
:
345
APPLY :
346
.
2 : ( ) AUDIO :
RULE :
347
DENY :
348
AUDIO .
3 : IIS NEW WEB .
WEB
PAGE:
349
IIS :
350
WEB :
ISA RULE :
351
352
: :
4- :
353
isa
7.5
apply
354
ToolBox ISA 2004
ISA 2004
Toolbox
.
:
Protocols .
Users .
Content Types .
Schedules Rules.
Network Objects .
.
:
PROTOCOLS
355
:
Common Protocols :
POP3.
Infrastructure :
PING.
Mail : SMTP.
Instant Messaging :
MSN Messenger.
Remote Terminal : Telnet.
Streaming Media :
MMS.
VPN and IPSec : PPTP .
Web : HTTP.
User-Defined :
.
Authentication : RADIUS Accounting.
Server Protocols :
DNS.
All Protocols : .
:
NEW Protocol
356
New
:
(TCP)UDP
357
( )
OK
, NO
User-Defined
.
.
Sasser Blaster ISA Server
USERS
358
359
Add
360
( Advanced )
:
:
Object Type
Location
Find Now
OK
CONTENT TYPES
361
:
Audio :
MP3.
NEW
362
OK.
Edit
Delete
SCHEDULES
363
.
New
364
:
( )
.
OK
NETWORK OBJECTS
365
:
Networks :
Internal.
Network Sets :
.
Computers :
.
Address Ranges : .10.0.0.255 10.0.0.1
Subnets : SubNet Mask .
Computer Sets : Anywhere.
URL Sets : .
Domain Name Sets : .
Web Listeners :
.
Network Network
366
Add OK
10.0.0.0
367
computer
OK
Address Range
368
OK
Subnet
Ok
369
Computer Sets
:
Computer
Address Range
Subnet
OK
URL
370
URL new
OK
Domain Name Set
New OK
Web Listener
371
Address
372
** Isa2004
10 2004
) (Rule.
( ISA ) 2004 ))Domain
: Active
Directory
IT
373
User
374
ISA2004
375
376
377
378
379
380
Cache
Cache
(
)
.
( ) .
:
windowsecurity.com
.
.
381
:
1
.
2
.
3
.
:
1 .2 HTTP FTP.3 () Time To Live TTL
(
) Temporary Internet Files
ccproxy
( ) ( )
( )
382
(
) ( )
383
(
)
384
ISA Server ..
!!
Isa
Server 2000
Proxy Inspector for ISA Server
..
:
385
..
...
:
.
386
387
2004
2004
.
:
2004
1 Backup
2 backup
388
3-
4
1- Restore
389
2- restore
3-
390
4-
5- Apply
6-
391
Export
Configuration .
VPN:
1 VPN Export VPN Clients Configuration .
2 .
392
3-
Export
393
4
VPN
1 VPN Import VPN Clients Configuration .
2-
394
3-
4 Apply .
VPN .2004
395
Ftp
FTP
HR
396
397
HR IP 172.16.11.210
ftp://172.16.11.210
D:\HR :
FTP Sites New FTP Site :
398
IP 172.16.11.210 21
399
C:\HR:
400
Read only
401
ftp://172.16.11.210
VPN
402
2004
VPN VPN
.
VPN
VPN
1 Virtual Private Networks (VPN)
2- Enable VPN Client Access
403
7 8 msfirewall.org
9 Domain Users CheckNames . .
404
10- L2TP/IPSEC
405
11 Enable User Mapping, User Mapping. When user name does not contain a domain, use this domain.
msfirewall.org .
406
12 .
VPN
VPN VPN
.
1 Firewall Policy .
2 VPN Client to Internet
407
3 4 This rule applies to
5 VPN Clients .
10-
Dial-Up
Native
1 Domain Controller Administrative Tools Active Directory Users and Computers
2 Administrator
3 Dial-Up VPN
409
4-
VPN
VPN
1 2000 My Network Places
2 3 410
4 5 192.168.1.70 6 7 8 ISAVPN 9-
: MSFIREWALL\Administrator
MSFIREWALL
Administrator
411
11 \\Exchange2003be .
VPN
.
412
Child Domains
413
1 run dcpromo domain controller for a new domain next
2 child domain in an existing domain tree 3 enterprise Administrator
4 myweb.com Mynet.Myweb.com
5 next Shared System Volume
- 6 DNS registration DNS
Next
-7 permission :
2003 2000
- 8 next
-9
MyNet.Myweb.com
MyWeb
414
Domain Trusts
(
)
virtual private network
bridge
.Staff.com Accounting.com
Login
Xp
Domain trust
1 Active Directory Domains and Trusts Administrative tools
-2
properties
415
416
-7 ..
418
MMC
AUTHOR MODE
Console Snap-in
Add/Remove :
419
420
Snap-in Add
:
421
Computer Management
Add :
Local Computer
console Allow Finish
( ) Close
Add/Remove Snap-in Extensions
:
422
Add all extensions
:
Ok
:
423
424
Storage
Options
Console -
425
Storage
User mode single window
Ok Console Save
:
426
Save
:
427
Yes MMC
:
428
Scheduled Tasks
429
Next
:
Browse
:
dfrg Open :
430
Monthly Next
:
Next
:
431
Next
:
Open advanced
Finish Finish
Settings :
432
Ok :
Advanced - View Log :
433
Advanced - Notify Me of Missed Tasks
434
My Network Places
435
Scheduled Tasks :
436
Client Server
RAS SERVER Remote Access
Server.
Server Client
TCP/IP Encapsulation
Point-to-Point Protocol
PPP
TCP/IP Dial-up
Serial Line Internet Protocol SLIP
:-
SLIP Dial-up connection Protocol SLIP Server
Dial-up Unix
437
Server SLIP
Windows Server SLIP SERVER
RAS SLIP Connection.
Dial-up Connection
Remote
Access VPN.
438
VPN
.
.
VPN
VPN PPTP L2TP
:-
VPN connection
439
440
Disable
Configuring and Enable
Routing and remote Access
441
:-
442
Next ....
443
444
Clients
IP address :-
: DHCP Server
: IP
.
Next
445
Next
446
Finish
447
OK
448
Server
...
449
+ Server
450
Server
Server Properties
451
General Tab
452
Security Tab
453
Authentication Methods
authentications
454
IP Tab IP
" " .
455
PPP Tab
456
Logging Tab
Server
457
458
459
460
RAS Server
461