Get a glimpse inside Roberta Bragg's book "Hardening Windows Systems" with this series of book excerpts. Below is an excerpt from Chapter 11, "Harden Communications." Click for the complete book excerpt series or purchase the book.
In addition to local area communications, secure remote communications from other networks. Connections with other networks can be secured in a number of ways, but to secure the data as it travels between networks requires additional devices and protocols. Four technologies are currently in use:
- Dial-up access servers have a long history. Many of the legacy systems provide weak authentication and do not encrypt data in flight; however, reliable, securable dial-up access can be implemented using Microsoft tools.
- Virtual private networks (VPNs) are designed to provide tunneled, encrypted, and authenticated communication channels either client-to-server or gateway-to-gateway. Two protocols, PPTP and L2TP/IPSec, are used in Microsoft VPNs.
- The Secure Sockets Layer (SSL) has long been a methodology for authentication and securing communications between client computers and web servers; it is now commonly used as a portal to entire networks.
- Remote access rules can be applied to secure wireless networks. Even though wireless networks are often established as additional internal networks, an intruder could access them from outside the building because no physical access is required to connect to the network. Therefore, wireless networks should be thought about and secured according to remote access rules.
Hardening remote communications consists of hardening servers, clients, devices, and communications streams.
Protect WAN Communications excerpts from Chapter 11 of 'Hardening Windows Systems'
- 1. Harden the Remote Access Server
2. Harden NT 4.0 Remote Access Server Configuration
3. Harden Windows Server 2000 and Windows Server 2003 RRAS Configuration
4. Use L2TP/IPSec VPNs
5. Use Remote Access Policies
6. Harden Remote Access Clients
7. Use IAS to Centralize Authentication, Accounting, and Authorization
8. Secure Wireless Access
To download the complete 'Harden Communications' chapter, click for the .pdf.
Click here to return to the SearchWindowsSecurity.com Book Excerpts Library.
This was first published in March 2005