Windows 2000 Virtual Private Networking

Overview

Substantial interest in VPN has been created by concerns for privacy and data protection. You, the administrator, must be aware of security concepts and network designs, and yet customers require flexible network environments that will satisfy the needs of today's computer users. You must support laptop users, home LAN environments, complex branch offices, and more--all within a secure and effective network design. The way you implement VPNs in Windows 2000 is different from any other operating system. Windows 2000 Virtual Private Networking will cover all aspects of both the tunnel client. Microsoft is using PPTP, L2TP, and IPSec all in this one product, and both tunnel and transport configuration can be very complex. This book covers what you, the network designer, can do with this capability; new VPN features that can affect Active Directory replication; network address translation; Proxy and more will be covered in depth.

Editorial Reviews

From The Critics
Substantial interest in VPN has been created by concerns for privacy and data protection. However, VPN implementation in Windows 2000 is different than any other operating system. Microsoft is using PPTP, L2TP and IPSec all in Windows 2000 Virtual Private Networking and the configuration of both tunnel and transport configuration can be very complex. Thaddeus Fortenberry's Windows 2000 Virtual Private Networking covers what the network designer can do with this increased capability, new VPN features that can affect Active Directory replication, and network address translation. 408 pp.

Product Details

  • ISBN-13: 9781578702466
  • Publisher: Pearson Technology Group 2
  • Publication date: 1/19/2001
  • Series: Circle Series
  • Edition description: New Edition
  • Pages: 384
  • Product dimensions: 7.50 (w) x 9.25 (h) x 0.79 (d)

Meet the Author

Thaddeus Fortenberry, MCSE, MCT, is a leading expert in Virtual Private Networking and the Windows platform. As Compaq's Program Manager of Virtual Private Networks, he designs the global specifications for tunneling and deploying tunnel servers. He has been working with Windows NT since its initial release, and he worked in a support role specializing in VPNs and networking for the Windows 2000 Rapid Deployment Program participants at Microsoft. Thaddeus also assisted in administering and deploying Compaq's Qtest Active Directory, the second largest pre-release deployment of Windows 2000 Active Directory. In addition, he was the key architect of the HappyVPN test network, a deployment of Active Directory over a distributed network based entirely on VPN links using Windows 2000 tunneling technologies.

Read an Excerpt

Chapter 1: What Is a Virtual Private Network?

In recent years, as more companies have come to require network connections to central offices, the need has grown for inexpensive, secure communications with remote users and offices. Although they're known to be reliable and secure, dedicated circuits and leased lines are not financially feasible for most companies. A Virtual Private Network (VPN) simulates a private network by utilizing the existing public network infrastructure, usually the Internet. The network is termed "virtual" because it uses a logical connection that is built on the physical connections. Client applications are unaware of the actual physical connection and route traffic securely across the Internet in much the same way traffic on a private network is securely routed. When the VPN is configured and initiated, applications will not be able to tell the difference between the virtual adapter and a physical adapter.

When a Virtual Private Network is properly set up, it combines public networks (such as the Internet), Frame Relay, and Asynchronous Transfer Mode (ATM) into a wide area network (WAN) that a dialup link treats as a private network. Once the VPN infrastructure is defined and configured, it provides seamless integration that enables the network to be viewed the same as a private network.

History of Virtual Private Networks

So how did VPNs get to where they are today? Until just a few years ago, VPNs were basically nonexistent. Recently, VPNs have experienced a lot of movement and development in a relatively short period of time as corporate demand to stay connected with users has increased.

A few vendors, such as IBM, Microsoft, and Cisco Systems, Inc., started developing tunneling technologies in the mid-'90s. Although products such as IPX and SNA over IP tunneling were available several years ago, they were very specific to their environments and of limited use to the industry as a whole. The industry needed a tunnel solution that could be standardized for all types of traffic. Much of this push toward standardization was based on the acceptance and standardization of TCP/IP.

In 1996, several vendors realized the importance of VPNs, and many of these companies worked together to define tunneling protocols. These tunneling protocols facilitated two major VPN solutions: Point-to-Point Tunneling Protocol (PPTP), created by Microsoft, Ascend, 3Com, and US Robotics, and Layer 2 Forwarding (L2F), created by Cisco. Because both of these solutions are vendor-specific, proprietary protocols, interoperability is limited to products from supporting vendors. PPTP and L2F are Open Systems Interconnection (OSI) Layer 2 tunneling protocols that were designed to transport Layer 3 protocols, such as AppleTalk, IP, and IPX, across the Internet. To do this, PPTP and L2F leveraged the existing Layer 2 PPP standard to transport different Layer 3 protocols across serial links. The Layer 3 packets were encapsulated into PPP frames and then encased in IP packets for transport across the IP-based network. Because neither protocol provides data encryption, authentication, or integrity functions that are critical to VPN privacy, these functions must be added as separate processes. PPTP is discussed in detail in Chapter 4, "Point-to-Point Tunneling Protocol (PPTP)."

Driven by the shortcomings of the existing tunneling protocols, in 1997 standardization and planning began to take place. This began with the introduction of Layer 2 Transport Protocol (L2TP) and Internet Protocol Security (IPSec) by the Internet Engineering Task Force (IETF). Because L2TP and IPSec are a multivendor effort, interoperability is not as much a problem as it was for their predecessors. Being a Layer 2 protocol, L2TP allowed for multiprotocol support over an IP-based network. This means that it was not restricted to a specific protocol but could be used to transport several different protocols. The L2TP specification has no built-in data security functions and requires IPSec for data security in transport mode. L2TP is covered in Chapter 7, "Layer 2 Tunneling Protocol (L2TP)."

Because tunneling technology had matured to a point that administrators were able to actually use it, the deployment of tunneling clients became more widespread. Additionally, Windows NT provided the administrator with basic network functions, such as auditing, accounting, and alarms, which allowed for easy implementation and monitoring.

In 1998, VPNs continued to mature with centralized user management, better network management, and enhanced authentication and encryption. Microsoft worked on the Windows NT 4.0 tunneling solution, updating the protocol and the security-related process. Many clients were updated to include tunnel client software for a more streamlined configuration.

1999 saw the introduction of effective VPNs with new features, such as a standards-based authentication model, an easier interface for server configuration, and additional client configuration tools. With the new authentication model, the smart cards that could be deployed for client access increased security and integration of VPNs into consumer devices. Therefore, VPN use by telecommuters became widespread, and corporate use of VPNs for branch office links increased. Windows 2000 has a mature VPN option that provides the necessary features for a secure and manageable tunneling solution that is dramatically less expensive than a hardware solution and/or leased lines. Microsoft has fully committed to implementing VPN technologies in Windows 2000 because they predict that VPNs will be an important element in corporate networks in the near future. Windows 2000 not only comes with built-in support for IPSec, L2TP, and PPTP, but also delivers a full suite of security-related services ranging from full Remote Authentication Dial-In User Service (RADIUS) support to the Extensible Authentication Protocol (EAP). Windows 2000 VPN services are discussed in more detail in Chapter 3, "VPN Features in Windows 2000."

How a Virtual Private Network Works

As stated previously, a Virtual Private Network is essentially a "private tunnel" over a public infrastructure. To emulate a private network link, the VPN encapsulates data with a header that provides routing information, which enables the data to travel the public network (normally the Internet) from the source to the destination. To emulate a private link, the VPN encrypts the encapsulated data being sent for confidentiality, authenticity, and guaranteed integrity. Packets that are intercepted on the public network are unreadable without the encryption keys. A link in which the data is encapsulated and encrypted is known as a VPN, or tunnel, connection.

VPNs can be maintained by a variety of devices. It is now possible to have a Windows 2000 server connect with an encrypted tunnel to a router, another Windows 2000 device, a firewall, or anything that uses the standard protocols and supports that encryption mechanism...

Table of Contents

Preface
Introduction
1 What Is a Virtual Private Network?
2 Basic Virtual Private Network Deployment
3 VPN Features in Windows 2000
4 Point-to-Point Tunneling Protocol (PPTP)
5 Certificates
6 Internet Protocol
7 Layer 2 Tunneling Protocol (L2TP)
8 NAT and Proxy Servers
9 Connection Manager, Remote Access Policy, and IAS
10 Routing and Filtering
11 Name Resolution in Windows 2000
12 Active Directory Design in VPNs
A History and Context of Virtual Private Networking
Troubleshooting
Windows 2000 to Cisco IOS IPSec Connectivity
VPN and Network Futures
Index

Customer Reviews

Average Rating 4.5
  • Anonymous

    Posted May 15, 2001

    A fantastic VPN manual!

    We are a small company that is deploying Windows 2000 as our VPN solution and had been having problems understanding all of the issues with the deployment. This book puts it all together and explains the whole picture of how the deployment should work. I particularly found the chapter of Proxy and NAT information helpful. I have NEVER seen a book that explains all of the issues and basic differences between different types of connection sharing devices. Also, the book covers about 20 different designs of how you can put together your network with both the tunnel server and the home LANs (a lot of my users have home LANs). It is neat how Thaddeus did not try to tell the reader how they should do it, but rather lists the advantages and disadvantages of each. I cannot recommend this book enough! Thank you.

  • Anonymous

    Posted February 22, 2001

    Windows 2000 VPN, A Practical Guide

    If you're searching for a book on VPN technologies within the Windows 2000 environment, this book is a must read. The author did a great job explaining real-world approaches to implementing VPNs under different business needs and requirements. I found the book easy to read and well structured, with each chapter devoting in-depth discussions to different aspects of VPN.

  • Anonymous

    Posted February 23, 2001

    Nice work!

    Once you struggled through the VPN theory, this book can be a great help in configuring your VPN using Win2K. This book distinguishes itself from most of the works I read on VPN, because it also describes HOW to configure your VPN with Win2K. This is the work you want on your shelf next to the RFC's. A recommendation!

  • Anonymous

    Posted March 8, 2001

    What a great work!

    This book you must have if you are new in the field of Virtual Private Networking. Book is also recommended for administrators or even designers who are intending to deploy VPN's in Win2k. You can read how to implement your VPN solution step by step. The book includes lots of screen shots of Win2k setup screens and also good - detailed description.

  • Anonymous

    Posted April 5, 2001

    A must have book for anyone setting up Win2k VPN's

    I have found the book to be an interesting mix of theory and practical how to. It is focused on helping the implementer of VPN's, it covers the basics, the analysis, the policies but most of the book is step by step how-to. Good work.

  • Anonymous

    Posted February 4, 2001

    A must read...

    This book is a must read for anyone who needs to have a basic understanding of VPNs and a must keep for any administrator or designer intending to implement VPNs in Windows 2000. There is enough information to guide you through a full analysis, from security risks to alternative solutions, and all the way to obtaining a cost-effective solution.

  • Anonymous

    Posted February 5, 2001

    THE book for Windows 2000 VPNs

    I reviewed this book before it went to press and thought it was excellent. I received a copy of the finished book and have already used it on many occasions to help configure Windows 2000 VPNs. This book is not for those looking to learn about VPN technologies, but for those looking to implement VPN services on Windows 2000. It provides detailed step-by-step configuration instructions and I highly recommend it.

  • Anonymous

    Posted February 4, 2001

    Excellent book for general VPN info as well as Win2000 implementation

    I gave Fortenberry's Win2000 VPN book 4 Stars because I may not be smart enough to recognize a 5 Star book; however, it is a very good book. I am an engineer with a startup involved in Internet security. This book covered many areas of interest involving both Win2000 specifics and general VPN information. We successfully found answers to questions regarding IPSec Drivers and the TCP/IP Stack, NAT limitations, and network design. The book will certainly be on my desk as a valuable reference.

  • Anonymous

    Posted December 12, 2000

    Thaddeus Fortenberry Rules!

    Great book. Chock full of useful VPN information. A real page turner!
