Information Technology Reference
In-Depth Information
Thought experiment
Configuring different servers for different users
In this thought experiment, apply what you've learned about this objective. You can
find answers to these questions in the “Answers” section at the end of this chapter.
You are the network administrator for TreyResearch.net and are designing a Remote
Access policy to support connection for different groups of users. Network admin-
istrators will have access to dial-up modems, and the HR department has special
requirements to ensure additional security.
1.
How do you need to configure the dial-up access? Will you need to have a
separate NPS server?
2.
How can you configure extra security for HR without requiring it for everyone?
3.
Can you use a single server to implement these requirements? What are the
considerations?
■
NPS can be configured as a RADIUS server or a RADIUS proxy.
■
RADIUS can be used for both VPN and dial-up authentication and authorization.
■
As a RADIUS proxy, NPS can connect to other Microsoft NPS servers or to third-party
RADIUS servers.
■
Use priority and weighting to load balance groups of RADIUS servers in RADIUS server
groups.
■
RADIUS clients can be network access servers or other RADIUS servers.
■
NPS and RADIUS settings can be configured in templates to simplify deployment.
■
RADIUS Accounting logs user authentication and accounting requests, and can use a
local file or a SQL Server database.
■
Use certificates for client authentication and server authentication.
1.
When installing NPS as a RADIUS proxy, which NPS role services are required in
Windows Server 2012 R2? (Choose all that apply.)
A.
NPS
B.
Health Registration Authority
C.
Host Credential Authorization Protocol
D.
Routing and Remote access service (RRAS)
