Remote Access Solution in Windows Server Environment
Virtual Private Network (VPN)
Site to Site
a permanent connection designed to function as an encrypted link between offices (i.e., “sites”). This is typically set up as an IPsec network connection between networking equipment.
Benefits:
Watertight Internal Network
Operational efficiency
Scalability
Remote access
a temporary connection between users and headquarters, typically used for access to data center applications. This connection could use IPsec, but it is also common to use an SSL VPN to set up a connection between a user’s endpoint and a VPN gateway.
Routing Information Protocol (RIP)
a protocol that routers can use to exchange network topology information. It is characterized as an interior gateway protocol, and is typically used in small to medium-sized networks.
Network Address Translation
a way to map multiple local private addresses to a public one before transferring the information. Organizations that want multiple devices to employ a single IP address use NAT, as do most home routers.
Different Types of NAT:
Static NAT (Network Address Translation)
one-to-one mapping of a private IP address to a public IP address. Static NAT (Network Address Translation) is useful when a network device inside a private network needs to be accessible from the internet.
Dynamic NAT (Network Address Translation)
a mapping of a private IP address to a public IP address taken from a group of public IP addresses called a NAT pool. Dynamic NAT establishes a one-to-one mapping between a private IP address and a public IP address. Here the public IP address is taken from the pool of IP addresses configured on the end NAT router. The public-to-private mapping may vary based on the available public IP addresses in the NAT pool.
PAT (Port Address Translation)
another type of dynamic NAT which can map multiple private IP addresses to a single public IP address by using a technology known as Port Address Translation.
Network Policy Server (NPS)
the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy. It is the successor of Internet Authentication Service (IAS).
The 3 Roles of NPS:
RADIUS Server
NPS performs AAA for wireless, switch, remote access dial-up, and VPN connections as a RADIUS server. Administrators configure network access servers — e.g., WAP and VPN servers — as RADIUS clients, and log event data on the local hard disk or a SQL Server database.
RADIUS Proxy
As a RADIUS proxy, NPS can configure access policies and manage which RADIUS server a connection request is delivered to.
Access Protection
As remote work and BYOD policies present various devices to networks, administrators need to know which endpoints are trustworthy. The NPS can act as a health validator for client devices through indicators like patched software, firewalls, and malware definitions.