HANDS ON LAB: GETTING STARTED WITH SECURITY AND POLICY
CONTROL IN WINDOWS SERVER 2008
Cod. 6407- Durata: 1,5 ore
Sommario
About this hands on lab
Audience
Completion
Prerequisites
Outline
About
This hands on lab
This is a companion lab for hands on lab 6406B - First Look: Getting Started
with Security and Policy Control in Windows Server 2008.
This one and one-half hour lab provides hands-on experience with the
following security and policy enforcement functionality in Windows Server
2008: Security Enhancements in Windows Server 2008, Network Access
Protection in Windows Server 2008.
Audience Profile
IT professionals currently experienced on the technologies included in
Microsoft Windows Server 2000 and/or Microsoft Windows Server 2003, and who
hold a Microsoft Certified Systems Engineer (MCSE) or Microsoft Certified
Systems Administrator (MCSA) certification and/or equivalent knowledge.
COMPLETION
After completing this lab, you will be able to:
- Use Windows Firewall with Advanced Security to configure domain
isolation with IPsec.
- Enforce network communications policy using Policy-based QOS.
- Implement Network Access Protection to enforce minimum standards for
computers before they connect to the corporate network.
Prerequisites:
- An understanding of network protocols and communication including
IPsec.
- An understanding of firewalls.
- An understanding of Microsoft Active Directory.
- An understanding of Group Policy.
Torna all'inizio
hands on lab Outline
Exercise 1: Creating a
Communications Security Policy for Roaming Users
After completing this module,
students will be able to:
-
Create a Policy for
roaming users.
-
Configure Windows
Firewall with Advanced Security.
-
Create Inbound Rule for
Management Application in Domain Profile.
-
Create Firewall Exemption
for Domain Administrators.
-
Verify that the Roaming
User Policy is Applied.
-
Configure Domain
Isolation using WFAS
-
Apply the New Group
Policy Settings
-
Test the Domain Isolation
Policy
-
Configure the Connection
Security Rule to Encrypt IPsec Connections
-
Configure WFAS to Require
Secure Encrypted Connections
-
Clear all WFAS Settings
-
Refresh WFAS
Exercise 2: Managing Network
Bandwidth using Windows Quality of Service (QOS)
After completing this module,
students will be able to:
-
Create a Custom
Administrative Tool to Monitor the Effects of QOS
-
Create and Share a folder
-
Perform a Test Upload
-
Create a QOS Policy for
Managed Desktops
-
Perform a New Test
Exercise 3: Network Access
Protection with Windows Server 2008
After completing this module,
students will be able to:
-
Review the Membership of
the IPsec NAP Exemptions Global Group
-
Create a Certificate
Template for NAP Exemptions
-
Enable Certificate
AutoEnrollment for Domain Members
-
Configure the Network
Policy Server to Issue Health Certificates
-
Configure the Health
Registration Authority to Request Certificates from the Subordinate
CA
-
Add a System Health
Validation Certificate to the Network Policy Server
-
Configure the Network
Policy Server
-
Configure Group Policy to
Ensure Client Computers are Configured to Implement NAP
-
Update Client Computers
to Enforce NAP Policy
-
Verify Network Access
Protection
Torna all'inizio