Information Technology Reference
In-Depth Information
Hyper-V allows you to run multiple operating systems simultaneously on one physical com-
puter. Each virtual operating system runs in its own virtual machine environment. I cover
Hyper-V in detail in Chapter 9: “Use Virtualization in Windows Server 2012.”
IPA M
IP Address Management (IPAM)
is one of the features introduced with Windows
Server 2012 R2. IPAM allows an administrator to customize and monitor the IP address
infrastructure on a corporate network.
Kerberos Authentication
Windows Server 2012 R2 uses the
Kerberos authentication
(ver-
sion 5) protocol and extensions for password-based and public key authentication. The Ker-
beros client is installed as a
security support provider (SSP)
, and it can be accessed through
the
Security Support Provider Interface (SSPI)
.
Managed Service Accounts (gMSAs)
Stand-alone
managed service accounts
, originally
created for Windows Server 2008 R2 and Windows 7, are configured domain accounts that
allow automatic password management and
service principal names
(SPNs) management,
including the ability to delegate management to other administrators.
Networking
There are many networking technologies and features in Windows Server
2012 R2, including BranchCache, Data Center Bridging (DCB), NIC Teaming, and many
more.
Remote Desktop Services
Before Windows Server 2008, we used to refer to this as Ter-
minal Services.
Remote Desktop Services
allows users to connect to virtual desktops,
RemoteApp programs, and session-based desktops. Using Remote Desktop Services allows
users to access remote connections from within a corporate network or from the Internet.
Security Auditing
Security auditing
gives an organization the ability to help maintain the
security of an enterprise. By using security audits, you can verify authorized or unauthor-
ized access to machines, resources, applications, and services. One of the best advantages of
security audits is to verify regulatory compliance.
Smart Cards
Using
smart cards
(referred to as
two-factor authentication
) and their asso-
ciated
personal identification numbers (PINs)
is a popular, reliable, and cost-effective way
to provide authentication. When using smart cards, the user not only must have the physi-
cal card but also must know the PIN to be able to gain access to network resources. This
is effective because even if the smart card is stolen, thieves can't access the network unless
they know the PIN.
TLS/SSL (Schannel SSP)
Schannel
is a security support provider (SSP) that uses the
Secure
Sockets Layer (SSL)
and
Transport Layer Security (TLS)
Internet standard authentication
protocols together. The Security Support Provider Interface is an API used by Windows sys-
tems to allow security-related functionality, including authentication.
Windows Deployment Services
Windows Deployment Services
allows an administrator
to install Windows operating systems remotely. Administrators can use Windows Deploy-
ment Services to set up new computers by using a network-based installation.
Search WWH ::
Custom Search