Case Study: Lucerne Publishing in .NET

Generator QR Code ISO/IEC18004 in .NET Case Study: Lucerne Publishing

Case Study: Lucerne Publishing
Paint QR Code In .NET Framework
Using Barcode creator for .NET Control to generate, create QR image in .NET framework applications.
www.OnBarcode.com
QR Recognizer In .NET Framework
Using Barcode decoder for .NET Control to read, scan read, scan image in .NET applications.
www.OnBarcode.com
You are the network manager for Lucerne Publishing. Lucerne Publishing has sev eral acquisition editors who work remotely from their home offices and require access to resources on the corporate network.
Bar Code Encoder In .NET Framework
Using Barcode maker for VS .NET Control to generate, create bar code image in .NET applications.
www.OnBarcode.com
Read Barcode In VS .NET
Using Barcode reader for .NET framework Control to read, scan read, scan image in Visual Studio .NET applications.
www.OnBarcode.com
19:
Drawing QR Code In Visual C#.NET
Using Barcode creation for Visual Studio .NET Control to generate, create Quick Response Code image in VS .NET applications.
www.OnBarcode.com
Paint QR Code JIS X 0510 In .NET Framework
Using Barcode creation for ASP.NET Control to generate, create QR image in ASP.NET applications.
www.OnBarcode.com
Virtual Private Networking
Paint QR Code In Visual Basic .NET
Using Barcode encoder for .NET framework Control to generate, create QR-Code image in Visual Studio .NET applications.
www.OnBarcode.com
Paint Code 3/9 In Visual Studio .NET
Using Barcode generation for VS .NET Control to generate, create Code 3/9 image in .NET applications.
www.OnBarcode.com
Scenario
Code128 Creator In VS .NET
Using Barcode generation for VS .NET Control to generate, create Code 128A image in .NET framework applications.
www.OnBarcode.com
Generate Bar Code In .NET
Using Barcode encoder for Visual Studio .NET Control to generate, create barcode image in .NET applications.
www.OnBarcode.com
To allow VPN access, you propose implementing a VPN server, running Windows Server 2003, Enterprise Edition, at each of the major offices, as shown in Figure 19-4.
Data Matrix Maker In .NET Framework
Using Barcode creator for .NET framework Control to generate, create DataMatrix image in VS .NET applications.
www.OnBarcode.com
MSI Plessey Creator In .NET
Using Barcode printer for .NET framework Control to generate, create MSI Plessey image in Visual Studio .NET applications.
www.OnBarcode.com
VPN Server Frankfurt
Painting Code-128 In Java
Using Barcode creation for Android Control to generate, create Code 128C image in Android applications.
www.OnBarcode.com
PDF 417 Generator In None
Using Barcode creation for Font Control to generate, create PDF-417 2d barcode image in Font applications.
www.OnBarcode.com
Winnipeg
Generating Code 3/9 In Visual Studio .NET
Using Barcode printer for Reporting Service Control to generate, create Code 3/9 image in Reporting Service applications.
www.OnBarcode.com
Barcode Reader In None
Using Barcode scanner for Software Control to read, scan read, scan image in Software applications.
www.OnBarcode.com
Kuala Lumpur
Barcode Creator In Java
Using Barcode encoder for BIRT reports Control to generate, create bar code image in BIRT reports applications.
www.OnBarcode.com
Bar Code Encoder In Objective-C
Using Barcode maker for iPad Control to generate, create bar code image in iPad applications.
www.OnBarcode.com
VPN Server
UCC - 12 Creation In Java
Using Barcode drawer for Java Control to generate, create UPCA image in Java applications.
www.OnBarcode.com
DataMatrix Creator In .NET Framework
Using Barcode encoder for ASP.NET Control to generate, create Data Matrix image in ASP.NET applications.
www.OnBarcode.com
VPN Server
Figure 19-4
VPN Server Placement for Lucerne Publishing
To facilitate the issuance of certificates, Lucerne Publishing has implemented a two-tier CA hierarchy, as shown in Figure 19-5.
CA Name: Lucerne Publishing Root CA CA Validity Period: 20 Years
CA Name: Lucerne Publishing Americas CA CA Validity Period: 10 Years
CA Name: Lucerne Publishing EMEA CA CA Validity Period: 10 Years
CA Name: Lucerne Publishing APAC CA CA Validity Period: 10 Years
Figure 19-5
The Lucerne Publishing CA hierarchy
Part III: Deploying Application-Specific Solutions
The following design requirements have been identified for VPN deployment:
The VPN servers are configured with two network interfaces, one attached to the corporate network and one attached to the Internet, allowing connections to the VPN server. The VPN servers are configured so that the servers will only accept L2TP/IPSec connections from the VPN clients. Any attempts to commu nicate with the VPN servers with protocols other than L2TP/IPSec will fail. Lucerne Publishing employees will use a mix of Windows 98, Windows 2000, and Windows XP computers when they connect to the corporate network. Lucerne Publishing plans to use L2TP/IPSec for all VPN communications between the remote employees and the corporate network. In addition, all authentication initially will be performed by the users typing their user account and password. In the future, Lucerne Publishing plans to change the authentication to require smart cards. All connections between the VPN clients and the VPN servers must enforce mutual authentication. To prevent access to the network if a virus attack occurs, management wants the ability to immediately shut down all VPN access to the network at any given time. Many of the acquisition editors computers are not members of the forest. Methods must be developed to provide certificates for the VPN connection to these editors.
Case Study Questions
1. What authentication protocol must be enforced for VPN communications to meet the initial authentication requirements 2. What certificates are required for the initial VPN solution Provide your answers in the following table.
Principal VPN User VPN Client Computer RADIUS Server VPN Server Certificate
3. What authentication protocol must be enforced for VPN communications to meet the modified authentication requirements to enforce smart card authenti cation
19:
Virtual Private Networking
4. What certificates are required for the modified VPN solution that uses smart cards Provide your answers in the following table.
Principal VPN User VPN Client Computer RADIUS Server VPN Server Certificate
5. How can Lucerne Publishing implement the ability to immediately shut down all VPN access 6. What certificate template(s) are required for the L2TP/IPSec tunnel What CA should you publish the certificates at 7. What method could you use to deploy the IPSec certificates to forest member computers 8. What method could you use to deploy the IPSec certificates to nonforest mem ber computers 9. When Lucerne Publishing switches to using Smart Card certificates, how can the Smart Card certificate template be modified to further restrict VPN access to the network 10. What certificate(s) would you deploy at the VPN server when using RADIUS authentication 11. What application would you use to configure the client computers to ensure that the VPN client software is correctly configured 12. What additional VPN software is required for some of the home computers
Additional Information
Deploying Virtual Private Networks with Microsoft Windows Server 2003 (www.microsoft.com/mspress/books/5519.asp) Virtual Private Networking with Windows Server 2003: Overview (www.microsoft.com/windowsserver2003/techinfo/overview/vpnover.mspx) Virtual Private Networking with Windows Server 2003: Deploying Remote Access VPNs (www.microsoft.com/technet/treeview/default.asp url=/technet /prodtechnol/windowsserver2003/deploy/confeat/vpndeplr.asp)
Part III: Deploying Application-Specific Solutions
Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site VPNs (www.microsoft.com/technet/treeview/default.asp url=/technet/prodtechnol /windowsserver2003/deploy/confeat/vpndpls2.asp) Microsoft s Virtual Private Networks for Windows Server 2003 Web Portal (www.microsoft.com/windowsserver2003/technologies/networking/vpn/default .mspx) Virtual Private Networking with Windows Server 2003: An Example Deploy ment (www.microsoft.com/technet/treeview/default.asp url=/technet/prodtechnol /windowsserver2003/deploy/confeat/vpnexamp.asp) Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab (www.microsoft.com/technet/prodtechnol/windowsserver2003/deploy/confeat /rmotevpn.asp frame=true) Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab (www.microsoft.com/downloads/details.aspx FamilyID=93fd20e7e73a-43f6-96ec-7bcc7527709b&DisplayLang=en) Microsoft L2TP/IPSec VPN Client for Windows 98, Windows Millennium Edition, and Windows NT 4.0 Workstation (www.microsoft.com/windows2000/server /evaluation/news/bulletins/l2tpclient.asp) Microsoft Internet Authentication Services Web Portal (www.microsoft.com /windowsserver2003/technologies/ias/default.mspx) RFC 2637: Point-to-Point Tunneling Protocol (PPTP) (www.ietf.org/rfc /rfc2637.txt) RFC 2661: Layer Two Tunneling Protocol L2TP (www.ietf.org/rfc/rfc2661.txt) RFC 3193: Securing L2TP Using IPSec (www.ietf.org/rfc/rfc3193.txt) Knowledge Base Article 248711: Mutual Authentication Methods Supported for L2TP/IPSec Knowledge Base Article 248750: Description of the IPSec Policy Created for L2TP/IPSec Knowledge Base Article 254442: Windows 2000 L2TP/IPSec Interoperation with Third-Party Manufacturers Knowledge Base Article 255784: Increasing Security on Windows 2000 VPN Server Knowledge Base Article 259335: Basic L2TP/IPSec Troubleshooting in Win dows 2000 Knowledge Base Article 314831: Basic L2TP/IPSec Troubleshooting in Win dows XP
19:
Copyright © OnBarcode.com . All rights reserved.