Microsoft MCSE Planning and Designing Group Policy users authenticated
Microsoft does not recommend password-based systems and instead suggests using certificate-based systems for all access systems that support their use. The far more recommended and secure method of authenticating user identities for network policies is using certificates. Certificates, as you know, are individualized methods for ensuring user identity with a combination of public and private keys, normally utilizing 128-bit encryption. These certificates are assigned by a certificate authority, such as VeriSign, or any machine running Active Directory Certificate Services (AD CS). In Windows Server 2008, remote network users authenticated by certificates using remote protocols such as VPN utilize powerful authentication protocols, such as Extensible Authentication Protocol-Transport Level Security (EAP-TLS), Protected Extensible Authentication Protocol (PEAP), or Internet Protocol Security (IPsec) to protect against unauthorized access:

EAP-TLS and PEAP
EAP-TLS and PEAP are two-way, certificate-based authentications that always authenticate on the server end and can be configured to require both client and server authentication. To be used for one of these types of authentication, a certificate must have a purpose configured in the extended key usage (EKU) that matches the certificate use. Additionally, it must meet the requirements of X.509 for certificates and the requirements for Secure Sockets Layer (SSL).

IPsec
IPsec is a very secure, network layer authentication protocol that can support certificates. Its most common use is for VPN access, but it can be used for various network authentication purposes throughout the enterprise. However, IPsec is limited in that it is designed to work only over IP, so it is highly specified. But it is available on Windows Server 2008, 2003, and Windows 2000 operating systems. Additionally, IPsec has the ability to be configured within Group Policy at the domain, site, or OU level. This allows an administrator to create powerful authentication policies for individuals at a very granular level.
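
The EKU requirement described above for EAP-TLS and PEAP can be checked directly on a certificate. The following PowerShell is an added example, not part of the original text: the helper names `Test-EapCertificatePurpose` and `New-SampleCertificate` and the sample subjects are assumptions, and it needs .NET Framework 4.7.2 or later (or PowerShell 7).

```powershell
using namespace System.Security.Cryptography
using namespace System.Security.Cryptography.X509Certificates

# EKU object identifiers (RFC 5280) for the two certificate uses in EAP-TLS/PEAP.
$EkuOid = @{ Server = '1.3.6.1.5.5.7.3.1'; Client = '1.3.6.1.5.5.7.3.2' }

function Test-EapCertificatePurpose {
    # Hypothetical helper: reports whether a certificate's EKU matches its intended use.
    param(
        [Parameter(Mandatory)][X509Certificate2]$Certificate,
        [Parameter(Mandatory)][ValidateSet('Server', 'Client')][string]$Role
    )
    $purposes = @()
    foreach ($ext in $Certificate.Extensions) {
        if ($ext -is [X509EnhancedKeyUsageExtension]) {
            $purposes += $ext.EnhancedKeyUsages | ForEach-Object { $_.Value }
        }
    }
    $now = Get-Date
    [pscustomobject]@{
        Subject       = $Certificate.Subject
        Role          = $Role
        EkuPurposes   = $purposes -join ', '
        # A certificate with no EKU, or the wrong one, fails the page's requirement.
        EkuMatchesUse = $purposes -contains $EkuOid[$Role]
        WithinDates   = ($now -ge $Certificate.NotBefore) -and ($now -le $Certificate.NotAfter)
        HasPrivateKey = $Certificate.HasPrivateKey
    }
}

function New-SampleCertificate {
    # Builds a constructed, in-memory self-signed certificate; nothing is written to a store.
    param([string]$Subject, [string[]]$Eku)
    $oids = [OidCollection]::new()
    foreach ($o in $Eku) { [void]$oids.Add([Oid]::new($o)) }
    $req = [CertificateRequest]::new($Subject, [RSA]::Create(2048),
        [HashAlgorithmName]::SHA256, [RSASignaturePadding]::Pkcs1)
    $req.CertificateExtensions.Add([X509EnhancedKeyUsageExtension]::new($oids, $false))
    $req.CreateSelfSigned([DateTimeOffset]::Now.AddDays(-1), [DateTimeOffset]::Now.AddDays(30))
}

# Constructed samples: one certificate per purpose, both checked for the server role.
$server = New-SampleCertificate 'CN=nps01.example.test' $EkuOid.Server
$client = New-SampleCertificate 'CN=alice.example.test' $EkuOid.Client
$server, $client | ForEach-Object { Test-EapCertificatePurpose -Certificate $_ -Role Server } |
    Format-Table Subject, EkuPurposes, EkuMatchesUse, WithinDates, HasPrivateKey
```

The second sample carries only the client purpose, so it shows `EkuMatchesUse` as False when evaluated for the server role. To audit installed certificates instead of the samples, pass the objects returned by `Get-ChildItem Cert:\LocalMachine\My` to the same function.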