Remote Access Solution in Windows Server Environment
Virtual Private Network (VPN)
Site-to-Site
Definition - A site-to-site VPN is a permanent connection designed to function as an encrypted link between offices (i.e., “sites”). This is typically set up as an IPsec network connection between networking equipment.
Criteria - The VPN gateway encapsulates and encrypts all outbound data traffic from one site, sending it through a VPN tunnel over the public internet to a peer VPN gateway at the second site. Upon receiving the transmission, the peer VPN gateway decrypts the content and relays the data onto that office’s LAN.
Features - With a site-to-site VPN, these tunnels go from one location to another, and the only people who can see the data being transferred are users logged onto the network. The VPN uses gateways at each location, which encrypt all traffic that passes through.
Remote Access
Definition - A remote access VPN is a temporary connection between users and headquarters, typically used for access to data center applications. This connection could use IPsec, but it is also common to use an SSL VPN to set up a connection between a user’s endpoint and a VPN gateway.
Criteria - Users connect to the network access server (NAS) over the internet in order to use a remote access VPN. To sign in to the VPN, the NAS requires that users provide valid credentials. To authenticate these credentials, the NAS uses either its own authentication process or a separate authentication server running on the network.
Features -
Secures the Cloud. ...
Enables Remote Access. ...
Encrypts Transmitted Data. ...
Protect cloud environments, staging servers and company databases with total ease.
Routing Information Protocol (RIP)
Definition - The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols. It employs the hop count as a routing metric.
Criteria
A protocol that routers can use to exchange network topology information.
It is characterized as an interior gateway protocol and is typically used in small to medium sized networks.
Features - RIP allows only 15 hops in a path. If a packet can't reach a destination in 15 hops, the destination is considered unreachable. Paths can be assigned a higher cost (as if they involved extra hops) if the enterprise wants to limit or discourage their use. For example, a satellite backup link might be assigned a cost of 10 to force traffic to follow other routes when available.
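Added example (not part of the original diagram): a small distance-vector calculation that carries the RIP rules above through on a constructed topology, showing the cost-10 satellite link being avoided while the terrestrial path is up and the 15-hop limit cutting off distant routers once it becomes the only path. The router names, the topology and the function names are assumptions made for illustration.

```python
INFINITY = 16  # RIP treats a metric of 16 as unreachable; 15 is the largest usable

def rip_metrics(links, source):
    """Distance-vector (Bellman-Ford) convergence with RIP's metric ceiling.

    links: dict mapping frozenset({a, b}) -> cost (1 for an ordinary hop).
    Returns {router: (metric, next_hop)} as seen from `source`.
    """
    routers = {r for link in links for r in link}
    table = {r: (INFINITY, None) for r in routers}
    table[source] = (0, source)
    for _ in range(len(routers)):  # enough rounds to converge
        changed = False
        for link, cost in links.items():
            a, b = tuple(link)
            for near, far in ((a, b), (b, a)):
                metric = min(table[near][0] + cost, INFINITY)
                if metric < table[far][0]:
                    # the first hop out of `source` is inherited along the path
                    next_hop = far if near == source else table[near][1]
                    table[far] = (metric, next_hop)
                    changed = True
        if not changed:
            break
    return table

def topology(terrestrial_up=True):
    """Constructed sample network: HQ-R1-R2-Branch on land, HQ-Branch by satellite."""
    hops = [("HQ", "R1"), ("R2", "Branch")]
    if terrestrial_up:
        hops.append(("R1", "R2"))
    # six more routers chained behind Branch: B1 .. B6
    chain = ["Branch"] + [f"B{i}" for i in range(1, 7)]
    hops += list(zip(chain, chain[1:]))
    links = {frozenset(h): 1 for h in hops}
    links[frozenset(("HQ", "Branch"))] = 10  # satellite backup, cost 10 as in the text
    return links

if __name__ == "__main__":
    for up in (True, False):
        table = rip_metrics(topology(up), "HQ")
        label = "terrestrial up  " if up else "terrestrial down"
        print(label, {r: table[r] for r in ("Branch", "B5", "B6")})
```

With the terrestrial path down, B6 sits at 10 + 6 = 16 and drops out of the routing table, which is the side effect to check for before assigning an inflated cost to a backup link.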
Network Address Translation (NAT)
Criteria - Network address and port translation may be implemented in several ways. Some applications that use IP address information may need to determine the external address of a network address translator. This is the address that its communication peers in the external network detect. Furthermore, it may be necessary to examine and categorize the type of mapping in use.
Features - Network Address Translation (NAT) conserves IP addresses by enabling private IP networks using unregistered IP addresses to go online. Before NAT forwards packets between the networks it connects, it translates the private internal network addresses into legal, globally unique addresses.
Definition - Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.[1] The technique was originally used to avoid the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced, but could not route the network's address space.
Network Policy Server (NPS)
Role of NPS
RADIUS proxy. When you use NPS as a RADIUS proxy, you configure connection request policies that tell the NPS which connection requests to forward to other RADIUS servers and to which RADIUS servers you want to forward connection requests.
RADIUS accounting. You can configure NPS to log events to a local log file or to a local or remote instance of Microsoft SQL Server. For more information, see NPS logging.
RADIUS server. NPS performs centralized authentication, authorization, and accounting for wireless, authenticating switch, remote access dial-up and virtual private network (VPN) connections.
Features - As a RADIUS server, NPS performs centralized connection authentication, authorization, and accounting for many types of network access, including wireless, authenticating switch, dial-up and virtual private network (VPN) remote access, and router-to-router connections.
Definition - Network Policy and Access Services (NPAS) is a component of Windows Server 2008. It replaces the Internet Authentication Service from Windows Server 2003. NPAS helps you safeguard the health and security of a network.