
Certificate Services

ADVANTAGE PRO, Chennai's Premier Networking Training Centre

Topics of Discussion
Certificate Authority overview
Certificate Authority configuration
Smart card logon
Troubleshooting Certificate Authority


Certificate Authority Overview

Windows 2003 CA policies
-- Enterprise CA
-- Stand-alone CA


Certificate Authority Overview (continued)

Windows 2003 CA policies
-- Enterprise policies
-- Stand-alone policies
Active Directory
Authentication
Certificate templates


Certificate Authority Overview: Enterprise CA

Enterprise CA
-- Active Directory
-- Windows 2003 security model
-- Templates
CA certificate templates
CA enrollment
CA security model


Certificate Authority: Enterprise CA

CA enrollment
-- User domain authentication (the requester authenticates to the domain before the CA issues)
-- Computer auto-enrollment

CA security model
-- Controlling enrollment through DACLs (discretionary access control lists): every certificate template published in Active Directory carries a DACL, and a principal can enroll for that template only if an ACE grants it the Enroll right (Autoenroll for automatic enrollment). The CA object has its own DACL as well, which gates who may submit requests to the CA at all. An over-broad Enroll ACE on a template is therefore an over-broad grant of whatever that template's certificates can do.
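The check a practitioner wants at this point is a listing of who actually holds Enroll, Autoenroll or control rights on each published template. The script below is an added example, not code from the ADVANTAGE PRO slides; it assumes the ActiveDirectory PowerShell module (RSAT) on a domain-joined machine, and the list of "broad" principals it flags is our own choice.

```powershell
# Added example, not from the ADVANTAGE PRO slides: audit the DACLs on the certificate
# templates published in Active Directory and show who can enroll, auto-enroll, or
# rewrite each template. Assumes the ActiveDirectory PowerShell module (RSAT) on a
# domain-joined machine; the list of "broad" principals below is our own choice.
Import-Module ActiveDirectory

# Well-known extended-right GUIDs used on pKICertificateTemplate objects.
$EnrollRight     = [Guid]'0e10c968-78fb-11d2-90d4-00c04f79dc55'
$AutoEnrollRight = [Guid]'a05b8cc2-17bc-4802-a710-e7c15ab866a2'

# Principals whose Enroll right usually deserves a second look (assumption; tune for your forest).
$BroadPrincipals = 'Authenticated Users', 'Domain Users', 'Domain Computers', 'Everyone', 'Users'

$configNC    = (Get-ADRootDSE).configurationNamingContext
$templatesDN = "CN=Certificate Templates,CN=Public Key Services,CN=Services,$configNC"

$templates = Get-ADObject -SearchBase $templatesDN -SearchScope OneLevel `
    -Filter 'objectClass -eq "pKICertificateTemplate"' -Properties nTSecurityDescriptor

function Get-TemplateRight {
    # Map one ACE to the template-specific right it grants, or $null if it is not interesting.
    param([System.DirectoryServices.ActiveDirectoryAccessRule]$Ace)
    if ($Ace.AccessControlType -ne 'Allow') { return $null }
    $rights = $Ace.ActiveDirectoryRights
    if ($Ace.ObjectType -eq $EnrollRight)     { return 'Enroll' }
    if ($Ace.ObjectType -eq $AutoEnrollRight) { return 'AutoEnroll' }
    # ExtendedRight with an empty ObjectType means *all* extended rights, Enroll included.
    if ($Ace.ObjectType -eq [Guid]::Empty -and "$rights" -match 'ExtendedRight') {
        return 'Enroll (all extended rights)'
    }
    # These let the holder change the template itself (EKUs, subject-name rules, its own DACL).
    if ("$rights" -match 'GenericAll|WriteDacl|WriteOwner') { return 'Control' }
    return $null
}

$report = foreach ($t in $templates) {
    foreach ($ace in $t.nTSecurityDescriptor.Access) {
        $right = Get-TemplateRight $ace
        if (-not $right) { continue }
        $name = $ace.IdentityReference.Value -replace '^[^\\]+\\', ''   # drop the DOMAIN\ prefix
        [pscustomobject]@{
            Template  = $t.Name
            Right     = $right
            Principal = $ace.IdentityReference.Value
            Broad     = [bool]($BroadPrincipals -contains $name)
        }
    }
}

$report | Sort-Object Template, Right, Principal | Format-Table -AutoSize

"`nTemplates a broad group can enroll in or control (review these first):"
$report | Where-Object Broad | Format-Table Template, Right, Principal -AutoSize
```

Run it from any domain member; reading the Configuration naming context needs no special privilege. The same permissions can be printed from the CA's point of view with `certutil -v -template`, which is a useful cross-check when the CA has not yet replicated a template change. Remember that a template ACE only matters for CAs on which that template is actually published.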


Certificate Authority: Enrollment and Hierarchy

Enrollment methods
-- Web-based (the CA's web enrollment pages)
-- Group Policy (auto-enrollment)

Hierarchy of Certificate Authorities
-- Enterprise
-- Intermediate
-- Subordinate
-- Offline root CA


Certificate Authority: Enterprise CA security model

DACLs
Revoking certificates
Renewing the CA

Certificate revocation lists
-- CDPs (CRL distribution points): the URLs, stamped into each issued certificate, from which relying parties fetch the issuer's CRL
-- Publication


Certificate Authority: Stand-alone CA

Active Directory
Templates
(A stand-alone CA does not require Active Directory and does not use certificate templates; by default it holds each request pending until an administrator approves it.)


Certificate Authority Configuration

Stand-alone CA
-- Stand-alone subordinate CA
-- Root CA

Enterprise CA
-- Root CA
-- Intermediate CA
-- Enterprise subordinate CA

Smart Card Logon

What is a smart card?
What is PKI (public key infrastructure)?
Active Directory and Kerberos concepts
Authentication
Deployment


What Is a Smart Card?


A smart card is essentially a miniature computer, embedded in plastic in the form of a credit card, with limited storage and processing capability. The circuitry in a smart card derives power from a smart card reader after the card is inserted into the reader.


What is PKI?
A public key infrastructure (PKI) is a set of components that manages certificates and keys used by encryption and digital signature services. A good PKI must provide services for cryptographic operations, certificate enrollment and renewal, certificate distribution and validation, certificate revocation, plus administrative tools and services for managing all of the above.

Active Directory and Kerberos Concepts

Kerberos
PKINIT (the Kerberos extension that lets the client prove possession of the smart card's private key in the initial AS exchange instead of a password-derived key)
Key Distribution Center (KDC)
-- Authentication Service (AS)
-- TGS (ticket granting service)
Active Directory


Authentication

Interactive logon
Logon request
Certificate verification
Offline logon
Remote access
Local versus domain logon


Deploying Smart Cards

Who should use smart cards?
What policies are needed?
-- Smart card required (the "Interactive logon: Require smart card" security option)
-- On smart card removal (the "Interactive logon: Smart card removal behavior" security option: no action, lock workstation or force logoff)
Personal identification numbers


How Should Smart Cards Be Issued?

Smart Card Enrollment Station
Enrollment agent (a user holding an Enrollment Agent certificate, who enrolls on behalf of other users)


Troubleshooting Smart Card Logon

Strategies
Optimizations
Considerations
DSSTORE tool


Strategies

Effects of latency caused by Active Directory replication:
-- Time lag before the Smart Card Enrollment Station's certificate is usable everywhere
-- Authenticating domain controllers may not yet be aware of a new CA
-- Enrollment against an enterprise CA requires the root certificate to be present in the chain (trusted by the requester)


Optimizations

Certificate revocation lists (CRL)
-- When a certificate is revoked, it appears in the issuer's CRL
-- Smart card logon uses the Microsoft Cryptographic Application Programming Interface (CryptoAPI) 2.0 to build and validate the certificate chain
-- CRLs are cached in the context of the user or computer, and the cache is refreshed only after the cached CRL expires; until then a revoked certificate is still accepted, so the CRL lifetime bounds how long a revoked smart card keeps working
-- Recommended CRL lifetime: 24 hours
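The following is an added example, not from the ADVANTAGE PRO slides, of what the 24-hour recommendation looks like on the CA itself: reading the CA's CRL schedule, setting it to one day, republishing to the CDPs, and reading back the validity window that clients will cache. It is run on the issuing CA as a CA administrator; the CRL file location and the English (en-US) certutil output format are assumptions.

```powershell
# Added example, not from the ADVANTAGE PRO slides: run on the issuing CA as a CA
# administrator to set the base CRL lifetime to the 24 hours the slide recommends, publish
# a fresh CRL to the CDP, and read back the validity window clients will cache. The CRL
# file location and the en-US certutil output format are assumptions.

# 1. Current schedule. CRLPeriodUnits + CRLPeriod give the base CRL lifetime; the Delta
#    pair gives the delta CRL lifetime (0 units = delta CRLs disabled); the Overlap pair is
#    the extra time the CA adds to NextUpdate so clients can fetch the next CRL in time.
'CA\CRLPeriodUnits', 'CA\CRLPeriod', 'CA\CRLDeltaPeriodUnits', 'CA\CRLDeltaPeriod',
'CA\CRLOverlapUnits', 'CA\CRLOverlapPeriod' | ForEach-Object { certutil -getreg $_ }

# 2. Set a 24-hour base CRL (1 x Days). The service must restart to pick the values up.
certutil -setreg CA\CRLPeriodUnits 1
certutil -setreg CA\CRLPeriod "Days"
Restart-Service CertSvc

# 3. Publish a new base CRL to every CDP the CA is configured to write to.
certutil -CRL

# 4. Inspect the CRL that was just written. NextUpdate is ThisUpdate + CRLPeriod + the overlap
#    period, so it may be somewhat more than 24 hours ahead; that window is how long a client
#    holding this CRL in its cache can keep accepting a certificate you revoke afterwards.
$crl = Get-ChildItem "$env:windir\System32\CertSrv\CertEnroll\*.crl" |
       Where-Object Name -notmatch '\+' |             # a '+' in the name marks a delta CRL
       Sort-Object LastWriteTime -Descending | Select-Object -First 1
$dump = (certutil -dump $crl.FullName) -join "`n"
$this = [datetime]([regex]::Match($dump, '(?i)This\s*Update:\s*(.+)').Groups[1].Value.Trim())
$next = [datetime]([regex]::Match($dump, '(?i)Next\s*Update:\s*(.+)').Groups[1].Value.Trim())
"Base CRL {0}: ThisUpdate {1:u}, NextUpdate {2:u}, window {3:N1} h" -f `
    $crl.Name, $this, $next, ($next - $this).TotalHours

# 5. On a client, list the CRLs CryptoAPI has cached for the current user; flush them when a
#    revocation must take effect before the cached copy expires. The computer context (used
#    by machine logon and services) has its own cache, so run this as SYSTEM for that one.
certutil -urlcache CRL
# certutil -urlcache CRL delete
```

Shortening the CRL period only helps if the CDP is reachable from every domain controller and client that validates logon certificates; an unreachable CDP turns every logon into a revocation-unknown failure once the cached copy expires, which is the opposite trade-off from a long lifetime.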


Considerations

Properly removing a root CA
-- Remove the root CA's certificate from manually created Group Policy objects
-- Remove the root CA certificate from the root certificate store
-- Delete certificates for the root CA

Properly removing a subordinate CA
-- Its CA certificate should be revoked by its issuer


DSSTORE Tool
Included in the Windows 2003 Resource Kit. Provides the following abilities:
-- Force auto-enrollment events
-- Manage and verify certificates
-- List certificates in the enterprise
-- Troubleshoot certificate chains
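Chain troubleshooting does not depend on the resource kit: CryptoAPI's own chain engine is reachable from PowerShell, and it is the same engine the slides say smart card logon uses. The function below is an added example, not code from the ADVANTAGE PRO slides or from DSSTORE; it assumes only a .cer export of the user's logon certificate at the path given, and it maps the failure flags back to the replication and CRL points listed under Strategies and Optimizations above.

```powershell
# Added example, not from the ADVANTAGE PRO slides: check a smart card logon certificate's
# chain the way CryptoAPI on the domain controller will, and name the reason when it fails.
# Assumes an exported .cer of the user certificate at the path given; nothing else.
function Test-LogonCertChain {
    param(
        [Parameter(Mandatory)][string]$Path,   # DER or Base64 .cer exported from the smart card
        [switch]$CachedCrlOnly                 # judge with cached CRLs only, as an offline client would
    )
    $cert  = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $Path
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode      = if ($CachedCrlOnly) { 'Offline' } else { 'Online' }
    $chain.ChainPolicy.RevocationFlag      = 'ExcludeRoot'
    $chain.ChainPolicy.UrlRetrievalTimeout = [TimeSpan]::FromSeconds(15)
    # The leaf must be valid for the Smart Card Logon EKU (OID 1.3.6.1.4.1.311.20.2.2).
    [void]$chain.ChainPolicy.ApplicationPolicy.Add([System.Security.Cryptography.Oid]'1.3.6.1.4.1.311.20.2.2')
    $valid  = $chain.Build($cert)
    $result = [pscustomobject]@{
        Subject = $cert.Subject
        Valid   = $valid
        Chain   = @($chain.ChainElements | ForEach-Object { $_.Certificate.Subject })
        Errors  = @($chain.ChainStatus   | ForEach-Object { '{0}: {1}' -f $_.Status, $_.StatusInformation.Trim() })
    }
    $chain.Reset()
    return $result
}

$r = Test-LogonCertChain -Path 'C:\temp\alice-logon.cer'   # path is an assumption
$r | Format-List

# How to read Errors, matched to the troubleshooting points above:
#   UntrustedRoot / PartialChain  - the root (or an intermediate) is missing from the local store
#                                   or has not replicated yet; on the DC, check what it trusts with
#                                   certutil -store -enterprise NTAuth  and  certutil -store -enterprise Root
#   RevocationStatusUnknown /
#   OfflineRevocation             - the CDP could not be reached, or the cached CRL has expired
#   Revoked                       - the certificate is on the issuer's CRL
#   NotValidForUsage              - the certificate lacks the Smart Card Logon EKU
# certutil shows the same picture with every CDP/AIA fetch spelled out:
# certutil -verify -urlfetch 'C:\temp\alice-logon.cer'
```

Run it on the domain controller that rejected the logon, not only on the workstation: the two hold different CRL caches and, until replication completes, can hold different root and NTAuth stores, which is exactly the latency problem described under Strategies.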


Wireless Networking


Wireless Networking - any networking that doesn't use a wire
Radio Waves - electromagnetic waves that travel through the air and are used to carry signals back and forth between your device and an access point (in both directions)


Access Points - network nodes connected directly to a wired local area network; they bridge the air and the wire
Wireless Ports - devices that you plug into a computer to enable a wireless connection
-- PCMCIA wireless cards for portables
-- PCI and USB adapters for desktops
* Some computers nowadays come with these devices already built in

PCMCIA wireless card (used for portables)

PCI and USB adapters (used for desktops): PCI adapter (inside the case), USB adapter (outside)


Common Types of Wireless Networking

IrDA
Bluetooth
IEEE 802.11


IrDA
Established in 1993
-- Cheap
-- Infrared connection (same basic technology as is used in a TV remote control)
-- Low power
-- Very short range (3 - 6 ft)

Bluetooth
Introduced in 1998
-- Emerging replacement for IrDA to connect peripherals/devices to computers or cell phones
-- Can connect up to 8 active devices in one piconet (one master and seven slaves)
-- Very low power
-- Short range (typically within a room)

IEEE 802.11
-- Multiple flavors (802.11a, b, & g)
-- 802.11b was the first widespread technology
-- 802.11g is the newest of the three (as of these slides); it offers the same 54 Mbps data rate as 11a but uses the same 2.4 GHz band as 11b


Uses for Wireless Networking

Connecting mobile professionals/workers to company networks and to the Internet (instant data when you need it)
-- Store clerks doing inventory
-- Store clerks helping customers get more info on a product
-- Airport gate personnel getting information on plane status, passengers, ...
-- Managers in a meeting room sharing information


WLANs
Wireless networks come in three major modes: ad hoc, infrastructure and hybrid.


Ad hoc
Ad hoc mode refers to a wireless peer-to-peer network: a network in which each device (usually a PC) connects via wireless radio directly to every other PC. The primary technical distinction between ad hoc and infrastructure networks is that infrastructure networks use an access point, while ad hoc networks do not. You connect each PC as you require it, in a completely decentralized way.

Infrastructure
Infrastructure mode refers to a wireless network controlled through a wireless access point that generates the signals for the individual devices to read through their wireless network adapters. The access point acts as a central traffic cop for the signals, and because you place it physically for the best possible reception, it provides more reliable connectivity than ad hoc networks.


Hybrid mode
Hybrid mode consists of a combination of ad hoc and infrastructure networks. In this mode, you create an infrastructure network, and then create ad hoc networks among the devices connected to the infrastructure. Hybrid mode maximizes the bandwidth of a wireless network by relieving the access point of the need to handle all traffic; instead, PCs transmit data to one another when possible, leaving the access point free to relay data to and from the wired LAN and to other access points.

Wireless Security

Very important! Why is it important?
-- to control who is allowed in
-- to prevent eavesdropping

Two mechanisms for enforcing security:
-- Authentication (who are you?)
-- Encryption (the traffic is coded so that an eavesdropper cannot read it)

IEEE Standards


IEEE 802.11b, a, & g

802.11b
-- Speed: 11 Mbps
-- Range: 100 - 150 feet indoors
-- Frequency: 2.4 GHz, a band already crowded with cordless phones
-- Acceptance: hot spots are already established using b; equipment is readily available

802.11a
-- Speed: 54 Mbps
-- Range: 25 - 75 feet indoors
-- Frequency: 5 GHz, an uncrowded band
-- Acceptance: more common in corporate and office environments

802.11g
-- Speed: 54 Mbps
-- Range: 100 - 150 feet indoors
-- Frequency: 2.4 GHz, still crowded with cordless phones and microwaves
-- Acceptance: g is compatible with the specs for b, meaning it can be used on a network based on b or g versions

Uses of Wireless Networking

Connecting mobile machines to support or service centers
-- Elevators (Kone has 100,000 elevators in Florence under service contract)
-- Cars (airbag discharged)
-- Vending machines
-- Tracking movement and status of big, expensive machines (forestry logging equipment, ...)

Uses of Wireless Networking

Making all of our lives easier and better
-- Access to personal data and records while away from home
-- Entertainment
-- Use our computing devices throughout the house rather than just one spot
-- Microwaves do all of the work for you
-- Groceries get sent straight to your door


ALL THE BEST
