You are on page 1of 335

Course 2277

:
Implementing,
Managing, and
Maintaining a
Microsoft® Windows®
Server 2003 Network
Infrastructure:
Network Services

Course Outline

Module 1: Configuring Routing by
Using Routing and Remote Access
Module 2: Allocating IP Addressing by
Using Dynamic Host Configuration
Protocol (DHCP)
Module 3: Managing and Monitoring
Dynamic Host Configuration Protocol
(DHCP)
Module 4: Resolving Names
Module 5: Resolving Host Names by
Using Domain Name System (DNS)

Course Outline (continued)

Module 6: Managing and Monitoring
Domain Name System (DNS)
Module 7: Resolving NetBIOS Names
by Using Windows Internet Name
Service (WINS)
Module 8: Securing Network Traffic by
Using IPSec and Certificates
Module 9: Configuring Network Access
Module 10: Managing and Monitoring
Network Access

Setup

The classroom is configured as one
Windows Server 2003 domain:
nwtraders.msft
London is a domain controller and the
instructor computer
Glasgow is a member server and is
used as a remote computer for student
labs
The student computers are running
Windows Server 2003, Enterprise
Edition

Multimedia: Job Roles in Today’s
Information Systems
Environment (optional)

This presentation examines
the relationship between the
technology life cycle,
systems administrators, and
systems engineers

Multimedia: Introduction to the
Core Network Infrastructure

The objective of this presentation
is to provide a high-level overview
of the core network infrastructure
and how network services work
together
After this presentation, you will be
able to:
 Explain the core networking tasks
that users must perform daily
 Discuss the components of the core
network infrastructure, and how
users’ daily tasks fit into the
infrastructure
 Describe how network services work
together to form the core network
infrastructure

Module 1: Configuring Routing by Using Routing and Remote Access .

Overview Multimedia: The Role of Routing in the Network Infrastructure Enabling and Configuring the Routing and Remote Access Service Configuring Packet Filters .

you will be able to:  Describe how routing fits into the network infrastructure  Explain the difference between local and remote routing  Describe how the Microsoft routing solution fits into the network infrastructure .Multimedia: The Role of Routing in the Network Infrastructure The objective of this presentation is to provide a high-level overview of routing in the network infrastructure After this presentation.

Lesson: Enabling and Configuring the Routing and Remote Access Service What Are Routers? What Are Routing Interfaces? What Are Routing Protocols? What Are Routing Tables? Why Use the Windows Server 2003 Routing and Remote Access Service? How to Enable and Configure the Routing and Remote Access Service How to Add a Routing Protocol How to Add Routing Interface to a Routing Protocol .

but performs Software router routing as one of multiple processes running on the router computer Main routing components include: Routing interface Routing protocol Routing table . What Are Routers? Routers are an intermediate system at the network layer that is used to connect networks together based on a common network layer protocol Router types Example A device that performs routing as a Hardware router dedicated function A router that is not dedicated to performing routing only.

What Are Routing Interfaces? A routing interface is an interface over which IP packets are forwarded Two types of routing interfaces: LAN Demand-dial .

What Are Routing Protocols? A routing protocol is a set of messages that routers use to determine the appropriate path to forward data Designed for large RIP OSPF to very large Designed for small networks to medium-size Uses a link-state networks database Uses a routing Complex to table configure and Easier to configure manage and manage Operates Does not scale well efficiently in large networks .

What Are Routing Tables? A routing table is a series of entries called routes that contain information about the location of the network IDs in the internetwork Three types of routing table entries: Network route Host route Default route .

Why Use the Windows Server 2003 Routing and Remote Access Service? Windows Server 2003 Routing and Remote Access is a service that performs routing as one of its multiple processes Internal Remote Site Using Subnets Demand-dial LAN LAN Corp Remote Corp Net Site Net Remote Access Using VPN Tunnel Corp Net .

How to Enable and Configure the Routing and Remote Access Service Your instructor will demonstrate how to enable and configure the Routing and Remote Access service .

How to Add a Routing Protocol Your instructor will demonstrate how to add a routing protocol .

How to Add a Routing Interface to a Routing Protocol Your instructor will demonstrate how to add a routing interface to a routing protocol .

you will enable and configure routing on the server computer .Practice: Enabling and Configuring the Routing and Remote Access Service In this practice.

Lesson: Configuring Packet Filters What Is Packet Filtering? How Packet Filters Are Applied How to Configure Packet Filters .

What Is Packet Filtering? • Packet filtering specifies what type of traffic is allowed into and out of a router • A packet filter is a TCP/IP configuration setting that is designed to allow or deny inbound or outbound packets Inbound Filter Rout er Outbound Filter Use packet filtering to: Prevent access by unauthorized users Prevent access to resources Improve performance by preventing unnecessary packets from traveling over a slow connection .

32 Component Example network Source Any Protocol UDP network Destination 192.0.How Packet Filters Are Applied Pack Rout et er Component Example Source network 192.0.32 network How filters are Protocol UDP applied: AND is used within a filter Action: Drop OR is used between filters .168.168.0.168.48 Inbound Destination Exclusion Filter 192.

How to Configure Packet Filters Your instructor will demonstrate how to configure packet filters .

you will configure a packet filter .Practice: Configuring Packet Filters In this practice.

Lab A: Configuring Routing by Using Routing and Remote Access In this lab. you will identify and resolve common issues when configuring routing and packet filters .

Module 2: Allocating IP Addressing by Using Dynamic Host Configuration Protocol (DHCP) .

Overview Multimedia: The Role of DHCP in the Network Infrastructure Adding and Authorizing a DHCP Server Service Configuring a DHCP Scope Configuring a DHCP Reservation Configuring DHCP Options Configuring a DHCP Relay Agent .

you will be able to:  Explain what DHCP is  Describe how DHCP works  Explain how routers can forward DHCP broadcast packets  Describe how a DHCP relay .Multimedia: The Role of DHCP in the Network Infrastructure The objective of this media is to provide a high-level overview of DHCP in the network infrastructure At the end of this presentation.

Lesson: Adding and Authorizing a DHCP Server Service Why Use DHCP? How DHCP Allocates IP Addresses How the DHCP Lease Generation Process Works How the DHCP Lease Renewal Process Works How to Add a DHCP Server Service How a DHCP Server Service Is Authorized How to Authorize a DHCP Server Service .

Why Use DHCP? DHCP reduces the complexity and amount of administrative work by using automatic TCP/IP configuration Manual TCP/IP Configuration Automatic TCP/IP Configuration IP addresses are IP addresses are entered manually on supplied automatically each client computer to client computers Possibility of entering Ensures that clients incorrect or invalid IP always use correct address configuration information Incorrect configuration can lead to Client configuration is communication and updated automatically network issues to reflect changes in network structure Administrative overload on networks Eliminates a common where computers are source of network .

How DHCP Allocates IP Addresses DHCP Client2: Non-DHCP Client: IP configuration Static IP from DHCP server configuration Lease Renewal Lease Generation DHCP Server DHCP Client1: DHCP IP configuration IP Address1: Database Leased to DHCP from DHCP server Client1 IP Address2: Leased to DHCP Client2 IP Address3: Available to be leased .

How the DHCP Lease Generation Process Works DHCP Server2 DHCP DHCP Server1 Client DHCP client broadcasts a 1 DHCPDISCOVER packet DHCP servers broadcast a 2 DHCPOFFER packet DHCP client broadcasts a 3 DHCPREQUEST packet DHCP Server1 broadcasts a 4 DHCPACK packet .

How the DHCP Lease Renewal Process Works DHCP Server2 DHCP Client DHCP Server1 87. has expired.5% packet DHCP of client broadcasting the lease durationahas DHCPDISCOVER expired . after a DHCPREQUEST DHCPREQUEST after client sends a 1 50% 87. it’s lease.5% ofof the packet thelease leaseduration has expired.5% 100% 50% ofof of lease duration has expired If the If the client client DHCP fails fails Client to renew to sends renew its lease. then the then DHCP theDHCPlease DHCP generation lease Server1 sends process renewal aprocess DHCPACK starts over will begin 2 again again with aftera87.

How to Add a DHCP Server Service Your instructor will demonstrate how to: Prepare to add a DHCP Server service Add a DHCP Server service .

How a DHCP Server Service Is Authorized If DHCP DHCP Server1 Server1 finds checks itswith IP address on the the domain Domai list. the service controller starts to obtain a n and list of supports authorizedDHCP DHCP Contro clients servers DHCP Server1 ller Authoriz Active ed Direct Services ory DHCP requests DHCP Server2 DHCP Client Unauthorized DHCP IfDHCP DHCPServer2 Server2 client checks doeswith receives not IP Does not find its IP the address address on the service DHCP domain list. the controller service from authorized does to DHCPnot startobtain and a list ofDHCP support requests Server1 authorized DHCP servers clients DHCP authorization is the process of registering the DHCP Server service in the Active Directory domain to support DHCP clients .

How to Authorize a DHCP Server Service Your instructor will demonstrate how to: Apply the requirement for authorizing a DHCP Server service Authorize a DHCP Server service .

you will add and authorize a DHCP Server service .Practice: Adding and Authorizing a DHCP Server Service In this practice.

Lesson: Configuring a DHCP Scope What Are DHCP Scopes? How to Configure a DHCP Scope .

What Are DHCP Scopes? A scope is a range of IP addresses that are available to be leased DHCP Server LAN A LAN B Scope Scope A B Scope Properties Network ID Lease Scope name Subnet mask duration Router Exclusion Network IP range address range .

How to Configure a DHCP Scope Your instructor will demonstrate how to: Configure a DHCP scope Activate a DHCP scope .

Practice: Configuring a DHCP Scope In this practice. you will configure a DHCP scope .

Lesson: Configuring a DHCP Reservation What Is a DHCP Reservation? How to Configure a DHCP Reservation .

within a scope. What Is a DHCP Reservation? A reservation is a specific IP address. that is permanently reserved for leased use to a specific DHCP client Workstat File and ion 1 Print Server Subnet A Subnet B DHCP Workstat Server IP Address1: Leased to ion 2 Workstation 1 IP Address2: Leased to Workstation 2 IP Address3: Reserved for File and Print Server .

How to Configure a DHCP Reservation Your instructor will demonstrate how to: Configure a DHCP reservation Verify a DHCP reservation .

Practice: Configuring a DHCP Reservation In this practice. you will configure a DHCP reservation .

Scope.Lesson: Configuring DHCP Options What Are DHCP Options? How DHCP Server. and Reserved Client Options Are Applied How DHCP Class-level Options Are Applied How to Configure DHCP Options .

What Are DHCP Options? DHCP options are configuration parameters that a DHCP service assigns to clients along with the IP address and default gateway DHCP DHCP Client IP Configuration Data Client Client’s IP address Client’s subnet mask DHCP options such as:  Router’s IP address DHCP  DNS server’s IP Server address  WINS server’s IP address .

Scope.How DHCP Server. and Reserved Client Options Are Applied DHCP File and Server Window Print s 98 Server Scope A Scope B Rout er Windows Windows XP XP DHCP option DHCP option applied at the applied at the reserved-client server scope level level level .

How DHCP Class-level Options Are Applied DHCP File and Server Window Print s 98 Server Rout Rout er er Scope A Scope B Windows Windows XP XP DHCP option applied at the class level .

How to Configure DHCP Options Your instructor will demonstrate how to: Configure a DHCP server option Configure a DHCP scope option .

you will configure DHCP options .Practice: Configuring DHCP Options In this practice.

Lesson: Configuring a DHCP Relay Agent What Is a DHCP Relay Agent? How a DHCP Relay Agent Works How a DHCP Relay Agent Uses Hop Count How a DHCP Relay Agent Uses Boot Threshold How to Configure a DHCP Relay Agent .

What Is a DHCP Relay Agent? A DHCP relay agent is a computer or router configured to listen for DHCP/BOOTP broadcasts from DHCP clients and then relay those messages to DCHP servers on different subnets DHCP Relay DHCP Agent Server Unicast Broadcast Broadcast Subnet A Subnet B Routers Non-RFC 1542 Compliant Clie Clie Clie Clie nt nt nt nt .

How a DHCP Relay Agent Works DHCP DHCP Relay Agent Server Clien Clien Clien t2 Router Non-RFC 1542 Compliant t3 t1 1 Client1 broadcasts a DHCPDISCOVER packet Relay agent forwards the DHCPDISCOVER 2 message to the DHCP server Server sends a DHCPOFFER message to the DHCP 3 relay agent 4 Relay agent broadcasts the DHCPOFFER packet 5 Client1 broadcasts a DHCPREQUEST packet Relay agent forwards the DHCPREQUEST message 6 to the DHCP server Server sends a DHCPACK message to the DHCP 7 relay agent 8 Relay agent broadcasts the DHCPACK packet .

How a DHCP Relay Agent Uses Hop Count The hop count threshold is the number of routers that the packet can be transmitted through before being discarded DHCP Relay Agent 2 Hop Count = 2 DHCP Relay Agent 1 DHCP Server .

How a DHCP Relay Agent Uses Boot Threshold The boot threshold is the length of time in seconds that the DHCP Relay Agent will wait for a local DHCP server to respond to client requests before forwarding the request DHCP Boot Server 2 Threshold = 10 DHCP Relay Agent seconds Local DHCP Server DHCP Server 3 .

How to Configure a DHCP Relay Agent Your instructor will demonstrate how to:Apply guidelines for setting the hop count and boot threshold Add a DHCP Relay Agent Configure a DHCP Relay Agent with the IP address of the DHCP server Enable the DHCP Relay Agent on a router interface .

you will configure a DHCP Relay Agent .Practice: Configuring the DHCP Relay Agent In this practice.

Lab A: Identifying and Resolving Common Issues When Allocating IP Addressing by Using DHCP In this lab. you will identify and resolve common issues when allocating IP addressing by using DHCP .

Module 3: Managing and Monitoring Dynamic Host Configuration Protocol (DHCP) .

Overview Managing a DHCP Database Monitoring DHCP Applying Security Guidelines for DHCP .

Lesson: Managing a DHCP Database Overview of Managing DHCP What Is a DHCP Database? How a DHCP Database Is Backed Up and Restored How To Back Up and Restore a DHCP Database How a DHCP Database Is Reconciled How To Reconcile a DHCP Database .

Overview of Managing DHCP The DHCP service needs to be managed to reflect changes in the network and the DHCP server Scenarios for managing DHCP: Managing DHCP database growth Protecting the DHCP database Ensuring DHCP database consistency Adding clients Adding new network service servers Adding new subnets .

such as information about scopes. and leases Windows Server 2003 stores the DHCP database in the directory %Systemroot%\System32\Dhcp  DHCP. reservations.log and  J50.What Is a DHCP Database? The DHCP database is a dynamic database that is updated when DHCP clients are assigned or as they release their TCP/IP address leases The DHCP database contains DHCP configuration data.log  Tmp.log .mdb The DHCP database files include: Res*.edb  J50.chk J50*. options.

up the DHCP backed the administrator database service up DHCPautomatically to database can the restore backup torestores an only directory offline from fromon thethe the local backup storage offline storage directory location drive location on the local drive .How a DHCP Database Is Backed Up and Restored DHCP Offline Server Restore Storage DHCP Back Restore up DHCP Back up In the If The the DHCP administrator original eventservice that database the automatically moves server isaunable copy hardware backs of tothe load. fails.

How to Back Up and Restore a DHCP Database Your instructor will demonstrate how to:Apply guidelines when backing up and restoring a DHCP database Configure a DHCP database backup path Manually back up a DHCP database to the backup directory on a local drive Manually restore a DHCP database from the backup directory on a local drive .

1.How a DHCP Database Is Reconciled Detailed IP DHCP address lease Compares Database informatio information to Summary n find IP address inconsistencie Registry s lease informatio n Reconciles inconsistencie DHCP Server s in the DHCP database Example Summary Detailed Reconciled DHCP information information database Client has IP IP address Create an active address 192.168.34 is available .1.34 lease entry 192.168.

How to Reconcile a DHCP Database Your instructor will demonstrate how to: Prepare to reconcile a DHCP database Reconcile all scopes in a DHCP database Reconcile a scope in a DHCP database .

Practice: Managing a DHCP Database In this practice. you will manage a DHCP database .

Lesson: Monitoring DHCP Overview of Monitoring DHCP Multimedia: Creating a Performance Baseline (Optional) What Are DHCP Statistics? How to View DHCP Statistics What Is a DHCP Audit Log File? How DHCP Audit Logging Works How to Monitor DHCP Server Performance by Using the DHCP Audit Log Guidelines for Monitoring DHCP Server Performance Common Performance Counters for Monitoring DHCP Server Performance Guidelines for Creating Alerts for a DHCP Server .

Overview of Monitoring DHCP Why monitor DHCP? The DHCP environment is dynamic Increased DHCP server performance Provides the ability to plan for current and future needs DHCP data includes: DHCP statistics DHCP events DHCP performance data .

you will be able to:  Explain the purpose of a performance baseline  Explain that a performance baseline is the level of system performance that you find acceptable  Explain that server .Multimedia: (Optional) Creating a Performance Baseline The objective of this presentation is to provide high-level steps for creating a performance baseline After this presentation.

What Are DHCP Statistics? DHCP Server DHCP statistics represent statistics collected at either the server level or scope level since the DHCP service was last started .

How to View DHCP Statistics Your instructor will demonstrate how to: Enable DHCP statistics to automatically refresh View DHCP server statistics View DHCP scope statistics .

or IP addresses are leased. released.What Is a DHCP Audit Log File? A DHCP audit log is a log of service-related events. or denied . authorizations have been verified. renewed. such as when: the service starts and stops.

DHCP server DHCP server writes a closes the header message existing log and in the moves to the log 12:00 am audit log. How DHCP Audit Logging Works Audit logging is the daily collection of DHCP server events into log files. DHCP performs DHCPSrvLog-Mon. DHCP closes 1.Log 2.Log disk checks Disk checks ensure that both the ongoing availability of server disk space and the current audit log file do not become too large or grow too rapidly . file for the next indicating day of the week that logging has 3. DHCP opensstarted daily audit log daily audit log DHCPSrvLog-Tue.

How to Monitor DHCP Server Performance by Using the DHCP Audit Log Your instructor will demonstrate how to: Enable and configure DHCP audit logging View the DHCP audit log .

and network utilization Review DHCP server counters to look for significant drops or increases that indicate a change in DHCP traffic . paging. such as processor utilization. disk performance.Guidelines for Monitoring DHCP Server Performance Create a baseline of performance data on the DHCP server Check the standard counters for server performance.

Common Performance Counters for Monitoring DHCP Server Performance Performance What to look for after a baseline counters is established Packets Monitor for sudden increases or received/seco decreases which could reflect nd problems Monitor foronsudden the network increases or Requests/sec decreases which could reflect ond problems Monitor foronincreases the network both sudden Active queue and gradual which could reflect length increased load or decreased server capacity Monitor for any activity which could Duplicates indicate that more than one request dropped/seco is being transmitted on behalf of nd clients .

Guidelines for Creating Alerts for a DHCP Server Define the acceptable level that a DHCP counter can rise above or fall below. before creating an alert Use scripts with your alerts .

you will monitor DHCP .Practice: Monitoring DHCP In this practice.

Lesson: Applying Security Guidelines for DHCP Guidelines for Restricting an Unauthorized User from Obtaining a Lease Guidelines for Restricting an Unauthorized. non-Microsoft DHCP Server from Leasing IP Addresses Guidelines for Restricting Who Can Administer the DHCP Service Guidelines for Securing the DHCP Database .

Guidelines for Restricting an Unauthorized User from Obtaining a Lease To restrict an unauthorized user from obtaining a lease: Ensure that unauthorized persons do not have physical or wireless access to your network Enable audit logging for every DHCP server on your network Regularly check and monitor audit log files Use 802.1X-enabled LAN switches or wireless access points to access the network .

Non-Microsoft DHCP Servers from Leasing IP Addresses To restrict an unauthorized. non-Microsoft DHCP Server Non-Microsoft DHCP server software does not include the authorization feature that is . non- Microsoft DHCP server from leasing IP addresses: Ensure that unauthorized persons do not have physical or wireless access to your network Microsoft DHCP Server • Only DHCP servers running Windows 2000 or Windows Server 2003 can be authorized in Active Directory Unauthorized.Guidelines for Restricting Unauthorized.

then add them to the DHCP Users group instead of the DHCP Administrators group Have read-only DHCP console DHCP Users group access to the server DHCP Can view and modify any data Administrators about the DHCP server group . Guidelines for Restricting Who Can Administer the DHCP Service To restrict who can administer the Restrict DHCP the membership of the DHCP service: Administrators group to the minimum number of users necessary to administer If there arethe service users who need read-only access to the DHCP console.

Guidelines for Securing the DHCP Database To further secure the DHCP database: Consider changing the default permissions of the DHCP folder Provide only the minimum permissions required to users to enable them to perform their task Provide Read permissions to users responsible for analyzing DHCP server log files Remove Authenticated Users and Power Users to minimize access to the files in the DHCP folder .

Lab A: Managing and Monitoring DHCP In this lab. you will manage and monitor DHCP .

Module 4:
Resolving Names

Overview

Multimedia: Introduction to the Name
Resolution Process
Viewing Names on a Client
Configuring Host Name Resolution
Configuring NetBIOS Name Resolution

Multimedia: Introduction to the Name
Resolution Process

The objective of this
presentation is to provide a
high-level overview of the
name resolution process in
the network infrastructure
After this presentation, you
will be able to:
 Explain what a host name is
 Explain what a NetBIOS name
is
 Describe how the name
resolution process works

Lesson: Viewing Names on a Client

How Names Are Mapped to IP
Addresses
What Are Host Names?
What Are NetBIOS Names?
How to View Names On a Client

How Names Are Mapped to IP
Addresses

Name
Resolution
Computer44 Service
1
Where is
the 192.168.1.2002
Compute
r44 file?

3

Computer44

What Are Host Names?

A host name is the DNS name, of a device
on a network, that is used to locate
computers on the network
Examples: “.” Root
FQDN
msft
server1.nwtraders.msft.
nwtraders
DNS Suffix
Host Name
training
FQDN

Server1 = 192.168.0.66
server1.training.nwtraders.msft.

Host Name DNS Suffix Server1 = 192.168.0.67

0. It is made up of a 15-character name plus a 16th character (byte) denoting the service NetBIOS 16th Services IP address Name character Workstatio 192.0.3 Server2 20 Server 9 192.168.168.0.3 Server2 00 n 9 192.168.3 Server2 01 Messenger 9 Server2 .What Are NetBIOS Names? A NetBIOS name is an identifier used by NetBIOS services running on a computer.

How to View Names on a Client Your instructor will demonstrate how to:View host names and DNS suffixes by using the Ipconfig utility View host names by using System Properties View NetBIOS names by using the Nbtstat command View your computer’s NetBIOS name by using System Properties Rename a computer .

you will view names on a client .Practice: Viewing Names on a Client In this practice.

Lesson: Configuring Host Name Resolution The Host Name Resolution Process Client Resolver Cache How to View and Flush the Client Resolver Cache Hosts File How to Preload the Client Resolver Cache by Using a Hosts File .

35 What is the IP address for Salescompu ter2? 3 Salescomputer2 Host name resolution is the process of resolving a host name to an IP address .168.1.The Host Name Resolution Process Client NetBIOS Resolver DNS Lmhost File Name Cache WINS Broadcast Cache/Host s File 1Salescomputer2 2192.

Client Resolver Cache The client resolver cache is a location in memory that stores host names that have recently been resolved to IP addresses. It also stores host name- to-IP address mappings loaded from the Hosts file Computer1 Resolved host names Hosts File from the DNS server .

How to View and Flush the Client Resolver Cache Your instructor will demonstrate how to:Display a client resolver cache by using the Ipconfig command Flush a client resolver cache by using the Ipconfig command .

# # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.10     x. # # Additionally.com               # x client host   127.0.acme.63.1       localhost . Each # entry should be kept on an individual line.54.com         # source server #       38.0. The IP address should # be placed in the first column followed by the corresponding host nam Computer1 # The IP address and the host name should be separated by at least o # space. # # This file contains the mappings of IP addresses to host names.acme. # # For example: # Hosts #      File102. comments (such as these) may be inserted on individu # lines or following the machine name denoted by a '#' symbol.94.97     rhino. Hosts File The Hosts file is a static file that is maintained on the local computer and that is used to load host name-to-IP address mappings into the client resolver cache # Copyright (c) 1993-1999 Microsoft Corp.25.

How to Preload a Client Resolver Cache by Using a Hosts File Your instructor will demonstrate how to preload the client resolver cache by using a Hosts file .

Practice: Configuring Host Name Resolution In this practice. you will configure host name resolution .

Lesson: Configuring NetBIOS Name Resolution NetBIOS Name Resolution Process NetBIOS Name Cache How to View and Release the NetBIOS Name Cache Broadcasts Lmhosts File How to Preload a NetBIOS Name Cache by Using an Lmhosts File .

1.168.NetBIOS Name Resolution Process NetBIOS Name CacheWINS BroadcLmhosts File ast Salescomputer2 1 192.35 2 What is the IP address for Salescompu ter2? 3 Salescomputer2 NetBIOS name resolution is the process of mapping a NetBIOS name to an IP address .

or Lmhosts file Computer1 Broadcast Resolved host names from broadcasts Lmhosts File Resolved host names from the WINS server . NetBIOS Name Cache A NetBIOS name cache is a location in memory that stores NetBIOS names that have recently been resolved to IP addresses whether through a WINS server. broadcast.

How to View and Release the NetBIOS Name Cache Your instructor will demonstrate how to:View the contents of the local computer’s NetBIOS name cache Release the NetBIOS name cache and reload the #PRE-tagged entries in the local Lmhosts file Display and view the NetBIOS name table of the local computer .

sent from a single computer. that are distributed to all other devices on the same segment of the network as the sending computer Broadcast Broadcast 2 is 3 Fails answered Broadcast Router 1 The NetBIOS redirector sends 1 out a local broadcast If the resource is on the local network. then the broadcast will not pass through the router . the broadcast is 2 answered and an IP address is returned NetBIOS If the resource is on a remote Redirector 3 network.Broadcasts Local broadcasts are network messages.

94. # # This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows.94.54.54.102    "appname  \0x14"                   #special app serve # 102. Lmhosts File An Lmhosts file is a local text file that maps NetBIOS names to IP addresses for hosts that are not located on the local subnet # Copyright (c) 1993-1999 Microsoft Corp. The address and the computername # should be separated by at least one space or tab.  Each entry should be kept on an individual line.94.117    localsrv           #PRE             #needed for the in # # #BEGIN_ALTERNATE # #INCLUDE \\localsrv\public\lmhosts # #INCLUDE \\rhino\public\lmhosts # #END_ALTERNATE .54. # # The following example illustrates all of these extensions: # # 102.54.97     rhino         #PRE #DOM:networking  #net group's DC # 102.94. The "#" character # is generally used to denote the start of a comment (see the exceptions # below). # # This file contains the mappings of IP addresses to computernames # (NetBIOS) names.123    popular            #PRE             #source server Lmhosts File # 102. # The IP address should be placed in the first column followed by the Computer1 # corresponding computername.

How to Preload a NetBIOS Name Cache by Using an Lmhosts File Your instructor will demonstrate how to preload a NetBIOS name cache by using an Lmhosts file .

Practice: Configuring NetBIOS Name Resolution In this practice. you will configure NetBIOS name resolution .

Lab A: Resolving Names In this lab. you will resolve names .

Module 5: Resolving Host Names by Using Domain Name System (DNS) .

Overview Multimedia: The Role of DNS in the Network Infrastructure Installing the DNS Server Service Configuring the Properties for the DNS Server Service Configuring DNS Zones Configuring DNS Zone Transfers Configuring DNS Dynamic Updates Configuring a DNS Client Delegating Authority for Zones .

you will be able to:  Explain the role and benefits of DNS in the network infrastructure  Define the key components of DNS  Discuss the DNS domain namespace  Discuss DNS zones and zone transfer .Multimedia: The Role of DNS in the Network Infrastructure The objective of this presentation is to provide a high-level overview of DNS in the network infrastructure At the end of this presentation.

Lesson: Installing the DNS Server Service Overview of Domain Name System What Is a Domain Namespace? Standards for DNS Naming How to Install the DNS Server Service .

Overview of Domain Name System Domain Name System (DNS) is a hierarchical. distributed database that contains mappings of DNS domain names to various types of data. such as IP addresses  DNS is the foundation of the Internet naming scheme and the foundation of an organization’s naming scheme  DNS supports accessing resources by using alphanumeric names  InterNIC is responsible for delegating administrative responsibility for portions of the domain namespace and for registering domain names  DNS was designed to solve issues that arose when there was an increase in the:  Number of hosts on the Internet RSE_PPTLogo2  Traffic generated by the update process .

south.sales.What Is a Domain Namespace? Root Domain Top-Level net com org Domain Second-Level nwtraders Domain Subdomains west south east FQDN: server1.com .nwtr sales Host: server1 aders.

Standards for DNS Naming The following characters are valid for DNS names:  A-Z  a-z  0-9  Hyphen (-) The underscore (_) is a reserved character RSE_PPTLogo2 .

How to Install the DNS Server Service Your instructor will demonstrate how to install the DNS Server service .

Practice: Installing the DNS Server Service In this practice. you will install the DNS Server service .

Lesson: Configuring the Properties for the DNS Server Service What Are the Components of a DNS Solution? What Is a DNS Query? How Recursive Queries Work How a Root Hint Works How Iterative Queries Work How Forwarders Work How DNS Server Caching Works How to Configure the Properties for the DNS Server Service .

” Resource Record .com .edu Resource Record DNS Clients DNS Servers DNS Servers on the Internet .What Are the Components of a DNS Solution? Root “.

What Is a DNS Query? A query is a request for name resolution to a DNS server. There are two types of queries: recursive and iterative DNS clients and DNS servers both initiate queries for name resolution An authoritative DNS server for the namespace of the query will either:  Check the cache. and return the requested IP address  Return an authoritative. check the zone. “No” A non-authoritative DNS server for the namespace of the query will either:  Forward the unresolvable query to a specific query server called a Forwarder  Use root hints to locate an answer for the query .

64.11 Database Computer1 Local DNS Server .How Recursive Queries Work A recursive query is a query made to a DNS server. in which the DNS client asks the DNS server to provide a complete answer to the query DNS server checks the forward lookup zone and cache for an answer to the query Recursive query for mail1.nwtraders .com 172.16.

How Root Hint Works Root hints are DNS resource records stored on a DNS server that list the IP addresses for the DNS root servers Cluster of Cluster of DNS Servers Root (.) Servers Root Hints com DNS Server micros Computer1 oft .

6 hor uer ma cursi itat y ive 2.1 Res pon Re 17 se 3 Computer1 nwtraders. How Iterative Queries Work An iterative query is a query made to a DNS server in which the DNS client requests the best answer that the DNS server can provide without seeking further help from other DNS servers.co 4. The result of an iterative query is often a referral to another DNS server lower in the DNS tree Iterative Query Local Root Hint (.com .c Ask .) Ask 1 DNS Server Iter.com ative om der ry for Query s. ve Aut eQ 6.com nwtr nw que ader 2 1 Itesr.1 tra m ativ il1.

4.) Ask Iter. How Forwarders Work A forwarder is a DNS server designated by other internal DNS servers to forward queries for resolving external or offsite DNS domain names Iterative Query Forwarder Root Hint (.6 Iter rs ativ cu 2. Res 64.com ative y er Query Ask n Qu 1 wtra .16.1 pon Rec 1 se u mai rsive q l1.1 Aut eQ hor Re itat uer y 17 172 i ve .1 ive com 6. r com Computer1 DNS Server .com ders.com Local d ers.n wtra uery fo nwtraders.

44 ClientA Client1 ClientA is at Where’s Client2 192.44 ClientA is s Where’s at 192.168. 8.168.contoso 192.44 Caching is the process of temporarily storing recently accessed information in a special memory subsystem for quicker access . second .8 Client A? .168.How DNS Server Caching Works Caching Table IP Host Name TTL 28 Address clientA.8 Client A? .msft.

How to Configure Properties for the DNS Server Service Your instructor will demonstrate how to:Update root hints on a DNS server Configure a DNS server to use a forwarder Clear the DNS server cache by using the DNS console Clear the DNS server cache by using the DNSCmd command .

you will configure the properties for the DNS Server service .Practice: Configuring Properties for the DNS Server Service In this practice.

Lesson: Configuring DNS Zones How DNS Data Is Stored and Maintained What Are Resource Records and Record Types? What Is a DNS Zone? What Are DNS Zone Types? How to Change a DNS Zone Type What Are Forward and Reverse Lookup Zones? How to Configure Forward and Reverse Lookup Zones .

msft Host name IP address 192. Training.2.nwtraders DNS ClientC 47 .168.nwtraders.msft.168. DNS ClientA 45 192. How DNS Data Is Stored and Maintained Namespace: training.nwtraders.168.dns DNS DNS DNS ClientC ClientA ClientB A resource record (RR) is a standard DNS database structure containing information used to process DNS queries A zone is a portion of the DNS database that contains the resource records with the owner names that belong to the contiguous portion of the DNS namespace .msft DNS Resource records for the Server zone training. Zone File: DNS ClientB 46 192.2.2.

What Are Resource Records and Record Types? Record type Description A Resolves a host name to an IP address PTR Resolves an IP address to a host name SOA The first record in any zone file Resolves names of servers providing SRV services NS Identifies the DNS server for each zone MX The mail server CNAME Resolves from a host name to a host name .

What Is a DNS Zone? Nwtraders South West North Sales Support Training .

What Are DNS Zone Types? Zones Description Read/Write Read/write copy of a DNS database Primary Read-Only Read-only copy of a DNS database Secondary Copy of limited Copy of a zone containing records limited records Stub .

How to Change a DNS Zone Type Your instructor will demonstrate how to change a DNS zone type .

arpa 192. DNS Server Authorized rd Training for training Client2 2.2.47 192.45 Rever 1.19 192.168.2 DNS .168.168.nwtraders. .168.168.168.46 zone DNS 192.47 Client3 DNS Client2 =? 192.2 Client1 DNS se 2.msft. Forwa Client1 DNS 2.What Are Forward and Reverse Lookup Zones? Namespace: training. 46 = ? DNS Client3 DNS DNS Client1 Client2 .45 192.in.2 DNS . Client3 2.168.168.46 Client2 zone addr. DNS 192.

How to Configure Forward and Reverse Lookup Zones Your instructor will demonstrate how to: Configure a forward lookup zone on a primary zone type Configure a forward lookup stub zone Configure a forward lookup zone on a secondary zone type Configure a reverse lookup zone on a primary zone type Configure a reverse lookup zone on a secondary zone type .

you will the configure DNS zones .Practice: Configuring a DNS Zone In this practice.

Lesson: Configuring DNS Zone Transfers How DNS Zone Transfers Work How DNS Notify Works How to Configure DNS Zone Transfers .

How DNS Zone Transfers Work A DNS zone transfer is the synchronization of authoritative DNS zone data between DNS servers SOA 1 query for a zone SOA 2 query answered IXFR 3 or AXFR query for a zone IXFR 4 or AXFR query answered (zone transfer) Secondary Server Primary and Master Server .

How DNS Notify Works A DNS notify is an update to the original DNS protocol specification that permits notification to secondary servers when zone changes occur Resource Destination Server 1 record is Source Server updated 2 SOA serial number is updated 3DNS notify 4Zone transfer Secondary Server Primary and Master Server .

How to Configure DNS Zone Transfers Your instructor will demonstrate how to configure a DNS zone transfer and DNS notify .

Practice: Configuring DNS Zone Transfers In this practice. you will configure DNS zone transfers .

Lesson: Configuring DNS Dynamic Updates Multimedia: Overview of DNS Dynamic Updates What Are Dynamic Updates? How DNS Clients Register and Update Their Own Resource Records by Using Dynamic Updates How a DHCP Server Registers and Updates Resource Records by Using Dynamic Updates How to Configure DNS Manual and Dynamic Updates What Is an Active Directory-Integrated DNS Zone? How Active Directory-Integrated DNS Zones Use Secure Dynamic Updates .

Multimedia: Overview of DNS Dynamic Updates The objective of this presentation is provide a high- level overview of DNS dynamic updates At the end of this presentation. you will be able to:  Explain why DNS dynamic updates are important  Explain the difference between manual and dynamic updates  Explain that client computers can either dynamically update resource records in DNS themselves or have DHCP perform dynamic updates in DNS on their behalf .

registering. or updating its records in zones that are maintained by DNS servers that can accept and process messages for dynamic updates A manual update is the process of an administrator manually creating. or updating the resource record Dynamic update enables DNS client computers to interact automatically with the DNS server to register and update their own resource records  Organizations that have dynamic changes can benefit from the dynamic method of updating DNS resource records Organizations may benefit from manual update if they:  Are in a smaller environment that has few changes to their resource records  Have isolated instances. such as when a larger organization chooses to control every address on every host. registering.What Are Dynamic Updates? A dynamic update is the process of a DNS client dynamically creating. .

How DNS Clients Register and Update Their Own Resource Records by Using Dynamic Updates DNS Server Resource Client sends SOA Records 1 query DNS server sends 2 zone name and server IP address 1 2 3 4 5 Client verifies 3 existing registration DNS server responds by 4 stating that registration does not exist Client sends 5 dynamic update to Windows Windows Windows DNS server Server 2003 XP 2000 .

the DHCP 3 4 4 server updates the DNS forward and reverse records for the client 1 2 Window Server 2003 IP Address LeaseDHCP Down- Running DHCP level Client .How a DHCP Server Registers and Updates Resource Records by Using Dynamic Updates DNS Server DHCP client makes 1 an IP lease request Resource Records DHCP server 2 grants IP lease DHCP server automatically 3 generates client’s Using dynamic FQDN update.

How to Configure DNS Manual and Dynamic Updates Configure a DNS server running Your instructor Windows will Server demonstrate 2003 to accept how to:dynamic updates of DNS resource records Configure a Windows XP Professional client to dynamically update its DNS resource records in DNS Configure a DHCP server running Windows Server 2003 to dynamically update DNS resource records in DNS on behalf of DHCP clients Manually create a DNS resource record .

Directory and is thus more integrated secure zone Uses Active Directory replication instead of zone transfers Allows only secure dynamic updates Uses multi-master instead of single master structure An Active Directory-integrated DNS zone is a DNS zone stored in Active Directory . What Is an Active Directory- Integrated DNS Zone? DNS zone type Non Active Benefit Directory- Does not require Active integrated Active Directory Stores DNS zone data in Active zone Directory.

and the server attempts the update only if the client can prove its identity and has the proper credentials to make the update Find authoritative server DNS Client running Local Windows XP Result DNS Server Find au thoritat ive Rseesruvlet r Attemp t non-s ecure u Refus pdate Secure updeadt e nego Accept tiation ed Domain Controller with Active Directory- Integrated DNS Zone .How Active Directory-Integrated DNS Zones Use Secure Dynamic Updates A secure dynamic update is a process in which a client submits a dynamic update request to a DNS server.

How to Configure Active Directory- Integrated DNS Zones to Allow Secure Dynamic Updates Only Your instructor will demonstrate how to: Configure Active Directory-integrated DNS zones to allow secure dynamic updates Configure security on an Active Directory-integrated DNS zone .

Practice: Configuring DNS Dynamic Updates In this practice. you will configure DNS dynamic updates .

Lesson: Configuring a DNS Client How Preferred and Alternate DNS Servers Work How Suffixes Are Applied How to Configure a DNS Client .

and server fails. you can enter a whole list of alternate DNS servers 1. The preferred and client tries alternate DNS first servers specified on the Properties page automatically appear at the top of 2.How Preferred and Alternate DNS Servers Work 3. the preferred and client tries the alternate servers alternate DNS are queried in the server order they are listed . Optionally. The preferred DNS server is the one that the 4. If the preferred this list.

south.com Connection Specific RSE_PPTLogo2 Suffix .nwtraders. How Suffixes Are Applied Suffix Domain Name query = Selection suffix option search server1 list server1.nwtraders.nwtraders.sales.south.com server1.com server1.

How to Configure a DNS Client Your instructor will demonstrate how to:Manually configure a DNS client to use preferred and alternate DNS servers Configure the DNS server option and the DNS suffix option in DHCP .

Practice: Configuring a DNS Client In this practice. you will configure a DNS client .

Lesson: Delegating Authority for Zones What Is Delegation of a DNS Zone? How to Delegate a Subdomain to a DNS Zone .

msft at the nwtraders.nwtraders. training.nwtraders.What Is Delegation of a DNS Zone? Namespace: The administrator.msft administration of DNS for that part of the Training.msft on Delegation is the process of assigning authority over child domains in your DNS namespace to another entity by adding records in the DNS database .co m and offloads training.nwtraders.com level of the DNS server namespace.co namespace m now has its own DNS server administrator and DNS server to resolve queries in that part of the namespace/organizati training. delegates authority for training.nwtraders.nwtraders.

How to Delegate a Sub-domain to a DNS Zone Your instructor will demonstrate how to delegate a sub-domain to a DNS zone .

you will resolve host names by using DNS .Lab A: Resolving Host Names by Using Domain Name System In this lab.

Module 6: Managing and Monitoring Domain Name System (DNS) .

DNSCmd.Overview Configuring the Time-to-Live Value Configuring Aging and Scavenging Integrating DNS with WINS Testing the DNS Server Configuration Verifying that a Resource Record Exists by Using Nslookup. and DNSLint Monitoring DNS Server Performance .

Lesson: Configuring the Time-to- Live Value How the Time-to-Live Value Works How to Configure the Time-to-Live Value .

the record is removed 3 from the cache .How the Time-to-Live Value Works The Time-to-Live (TTL) value is a time-out value expressed in seconds that is included with DNS records that are returned in a DNS query  Resource Record Resource Record C C ach ach Zone e e Authoritative DNS Client DNS Server1 DNS Server2TTL set on the zone The records in the zone are sent to other DNS 1 servers and clients in response to queries DNS servers and DNS clients that store the 2 record in their cache hold the record for the TTL period supplied in the record When the TTL expires.

How to Configure the Time-to- Live Value Your instructor will demonstrate how to: Adjust the TTL value for a zone Adjust the TTL value for a resource record .

you will configure the TTL value .Practice: Configuring the Time- to-Live Value In this practice.

Lesson: Configuring Aging and Scavenging What Are Aging and Scavenging Parameters? How Aging and Scavenging Work How to Configure Aging and Scavenging .

What Are Aging and Scavenging Parameters? Aging is the process that determines whether a stale DNS resource record should be removed from the DNS database   Scavenging is the process of cleaning and removing outdated or extinct names data from the WINS database A refresh attempt is the process of a computer requesting a refresh on its DNS record Parameter Description Example The time period when No Refresh 7-days the DNS server does not Interval accept refresh attempts (default) The time period when Refresh 7-days the DNS server does Interval accept refresh attempts (default) .

How Aging and Scavenging Works 7-days 7-days Jan 1 Jan 8 Jan 15 Refres Time No. h Scave stampe Refresh interva nge d interval l Aging .

How to Configure Aging and Scavenging Set aging/scavenging parameters for Your theinstructor DNS serverwill demonstrate how to:Set aging/scavenging parameters on a DNS zone Enable automatic scavenging of stale resource records on a DNS server Start immediate scavenging of stale resource records View when a zone can start scavenging stale resource records Configure the time stamp on a DNS resource record View the time stamp on a dynamic resource record .

Practice: Configure Aging and Scavenging In this practice. you will configure aging and scavenging .

Lesson: Integrating DNS and WINS Multimedia: DNS and WINS Integration How to Integrate DNS with WINS .

Multimedia: DNS and WINS Integration The objective of this presentation is to explain how DNS and WINS can be integrated in the network infrastructure At the end of this presentation. you will be able to:  Define DNS and WINS integration  Explain how host names and NetBIOS names fit into DNS and WINS integration  Describe how DNS and WINS .

How to Integrate DNS with WINS Your instructor will demonstrate how to integrate DNS with WINS .

Practice: Integrating DNS with WINS In this practice. you will integrate DNS with WINS .

Lesson: Testing the DNS Server Configuration How Simple and Recursive Queries Work How to Test the DNS Server Configuration .

msft DNS Client Resolver .How Simple and Recursive Queries Work A simple query is a query that performs a local test by using the DNS client to query the DNS server A recursive query is a query that tests a DNS server by forwarding a recursive query to another DNS server DNS Server DNS Root Server DNS Service Authoritative zone: training.nwtraders.

How to Test the DNS Server Configuration Your instructor will demonstrate how to:Manually test a simple query on the DNS server Manually test a recursive query on the DNS server Enable automatic query testing on the DNS server .

you will test the DNS server configuration .Practice: Testing the DNS Server Configuration In this practice.

DNSCmd. and DNSLint . DNSCmd. and DNSLint Why Verify that a Resource Record Exists? Nslookup DNSCmd DNSLint How to Verify that a Resource Record Exists by Using Nslookup.Lesson: Verifying that a Resource Record Exists by Using Nslookup.

you can verify: Missing records Incomplete records Incorrectly configured records You can use the following three utilities to monitor DNS: Nslookup DNSCmd DNSLint .Why Verify that a Resource Record Exists? To identify issues with your DNS solution.

Nslookup up is a command-line utility used to diagnose DNS infrastr .

DNSCmd md is a DNS support tool which allows you to complete ma dministrative tasks on the DNS server from a command pr .

DNSLint DNSLint is a Microsoft Windows utility that can run a series of queries to help diagnose common DNS name resolution issues .

by using the DNSCMD Create a DNSLint report . by using DNSCmd Display information about a specific zone that is configured on a DNS server.How to Verify that a Resource Record Exists by Using Nslookup. and DNSLint Your instructor will demonstrate how to:Verify that a resource record exists in DNS by using Nslookup Install DNSCmd Display a complete list of zones configured on a DNS server. DNSCmd.

DNSCmd. and DNSLint . DNSCmd. you will verify that a resource record exists by using Nslookup. and DNSLint In this practice.Practice: Verifying that a Resource Record Exists by Using Nslookup.

Lesson: Monitoring DNS Server Performance Guidelines for Monitoring DNS Server Performance by Using the Performance Console What Is a DNS Event Log? What Is DNS Debug Logging? How to Monitor DNS Server Performance by Using Logging .

then it AXFR Request could reflect a need to review Sent the number of changes in the zone and the configuration of zone transfers . then it should be Queries/sec If this counter further goes dramatically investigated above the baseline.Guidelines for Monitoring DNS Server Performance by Using the Performance Console Performance What to look for after a counter baseline is established Any increase over the baseline Dynamic Update may be cause for further Rejected investigation If this counter goes dramatically Recursive up or down.

What Is a DNS Event Log? A DNS event log is a system log configured to log only DNS events .

What Is DNS Debug Logging? DNS debug logging is an optional logging tool for DNS that stores the DNS information that you select Primary DNS Server1 Secondary DNS Server2 .

How to Monitor DNS Server Performance by Using Logging Your instructor will demonstrate how to: Enable and configure debug logging options on the DNS server View a DNS server debug log file View the DNS server event log located on another computer .

Practice: Monitoring DNS Server Performance In this practice. you will monitor DNS server performance .

you will manage and monitor DNS .Lab A: Managing and Monitoring DNS In this lab.

Module 7: Resolving NetBIOS Names by Using Windows Internet Name Service (WINS) .

Overview Multimedia: The Role of WINS in the Network Infrastructure Installing and Configuring a WINS Server Managing Records in WINS Configuring WINS Replication Managing the WINS Database .

Multimedia: The Role of WINS in the Network Infrastructure The objective of this presentation is to provide a high-level overview of WINS in the network infrastructure. At the end of this presentation. you will be able to:  Explain the role of WINS in the network infrastructure  Describe how WINS resolves NetBIOS names  Describe the WINS registration process  Describe how WINS replication works .

Lesson: Installing and Configuring a WINS Server The Components of WINS What Is a NetBIOS Node Type? How a WINS Client Registers and Releases NetBIOS Names How Burst Handling Works How a WINS Server Resolves NetBIOS Names How to Install the WINS Service How to Configure Burst Handling .

The Components of WINS WINS Server Subnet 2 WINS Datab ase WINS Client Subnet 1 WINS Proxy .

M-node but functions as a B-node by 4 default Combines P-node and B-node.What Is a NetBIOS Node Type? A NetBIOS node type is a method that a computer uses to resolve a NetBIOS name into an IP address Node Registr Description type y value Uses broadcasts for name B-node 1 registration and resolution Uses a NetBIOS name server P-node such as WINS to resolve NetBIOS 2 names Combines B-node and P-node. H-node but functions as a P-node by 8 default .

How a WINS Client Registers and Releases NetBIOS Names Name Registered Name Released WINS Client WINS Server WINS client sends request to register 1 WINS server returns registration message with TTL value indicating when the registration WINS expires client sends if nottorenewed request release name 2 WINS server sends a positive name lease response .

How Burst Handling Works Burst handling is the response of a WINS server to a large number of WINS clients that are trying to simultaneously register their local names in WINS Request to 1 register 2 Registered .

How a WINS Server Resolves NetBIOS Names Up to 3 attempts WINS Server A ClientA 1 Subnet 2 Subnet 1 2 WINS Server B 3 Subnet 2 Client makes 3 attempts to contact WINS 1 server. IP address is returned to 3 the client . but does not receive a response Client attempts to contact all WINS servers 2 until contact is made If name is resolved.

How to Install the WINS Service Your instructor will demonstrate how to: Install the WINS service Check the status of the WINS service .

How to Configure Burst Handling Your instructor will demonstrate how to configure burst handling .

you will install and configure a WINS server. .Practice: Installing and Configuring a WINS Server In this practice.

Lesson: Managing Records in WINS What Is a Client Record? What Is a Static Mapping? How to Add a Static Mapping Entry Methods for Filtering and Viewing Records in WINS How to Filter WINS Records .

be the the a the the unique entry registered which number entry the entry originates can is that will be expire the WINS ame. A tounique the indicate corresponds the database which from entry. Shows hexadecimal whether which can including when to entry. displays server group. typeand internet identifier released. What Is a Client Record? he Theregistered service The Displays IPthat The The address NetBIOS WINS registered state “x” that server of name. “null” or assigns tombstoned or multihomed or during is blankname ifcomputer theregistration entry is not static . hexadecimal or name a group. static active.

What Is a Static Mapping? A static mapping is a manual entry in the WINS database that maps a NetBIOS name to an IP address Administrator enters computer name-to-IP address Non-WINS Clients entry WINS Database .

How to Add a Static Mapping Entry Your instructor will demonstrate how to add a static mapping entry .

including or excluding the subnet Based mask on the as records name a parameter of Record owners one or more name record owners Based on one or more NetBIOS Record types name suffix record types . or a address NetBIOS name and an IP address. Methods for Filtering and Viewing Records in WINS Search filter Description Based on all or part of a NetBIOS NetBIOS name and IP name. an IP address.

How to Filter WINS Records Your instructor will demonstrate how to filter WINS records .

you will manage records in the WINS server .Practice: Managing Records in the WINS Server In this practice.

Lesson: Configuring WINS Replication How WINS Replication Works How Push Replication Works How Pull Replication Works What Is Push/Pull Replication? WINS Replication Partner Properties How to Configure WINS Replication How to Configure Replication Partners Properties .

How WINS Replication Works WINS replication is the process of copying updated WINS data from a WINS server to other WINS servers in a network to synchronize the data WINS Server B WINS Server A WINS Replicat ion Subnet 1 Subnet 2 HostA HostB .

How Push Replication Works A push partner notifies replication partners when the database reaches a set threshold of changes Push replication maintains a high level of synchronization/use with fast links Notification Replication WINS Server A 3 4 2 Replicas sent sent request WINS Server B Subnet 1 1 Subnet 2 50 changes occur in database WINS Server A reaches set threshold of 50 1 changes in its database WINS Server A notifies WINS Server B that 2 threshold is reached WINS Server B responds to WINS Server A with 3 a replication request WINS Server A sends replicas of its new 4 database entries .

How Pull Replication Works A pull partner requests replication based on a set time Pull replication limits frequency of replication traffic across slow links Requests 2 1 Replicas sent changes WINS Server A every 8 hours WINS Server B Subnet 1 Subnet 2 WINS Server A requests database changes 1 every 8 hours WINS Server B sends replicas of its new 2 database entries .

What Is Push/Pull Replication? Push/pull replication effectively ensures that the databases on multiple WINS servers are nearly identical at anyNotifying given time by: replication partners whenever the database reaches a set threshold of changes AND Requesting replication based on a set time .

WINS Replication Partner Properties Property Description Enable automatic As WINS servers are discovered partner joining the network. the static mapping is server (migrate on) overwritten . they are configuration added as replication partners Enable persistent Increases the speed of replication so that a server can immediately connections send records to its partners Enable overwrite If presented with both a static and unique static dynamic-type entry for the same mappings at this name.

How to Configure WINS Replication Your instructor will demonstrate how to:Configure WINS replication Modify a replication partner type Modify the Push Replication settings for replication partners Modify the Pull Replication settings for replication partners Replicate with all WINS partners Start push replication for a WINS replication partner Start pull replication for a WINS replication partner .

How to Configure Replication Partners Properties Your instructor will demonstrate how to: Configure the Pull properties for the replication partner Configure the Push properties for the replication partner .

Practice: Configuring WINS Replication In this practice. you will configure WINS replication .

Lesson: Managing the WINS Database Why Back Up a WINS Database? How to Back Up and Restore a WINS Database What Are Simple Deletion and Tombstoned Deletion of Records? How to Delete a WINS Record What Are Dynamic and Offline Compacting? How to Compact a WINS Database How Scavenging Works How to Scavenge a WINS Database How a WINS Database Is Checked for Consistency How to Check for Consistency on a WINS Database Guidelines for Decommissioning a WINS Server .

Why Back Up a WINS Database? To repair a corrupt WINS database. you can back up and then restore a WINS database To back up a WINS database : Specify a backup directory Back up manually or configure automatic backups To restore a WINS database: Manually delete and restore database files .

Module 8: Securing Network Traffic by Using IPSec and Certificates .

Overview Implementing IPSec Implementing IPSec with Certificates Monitoring IPSec .

Lesson: Implementing IPSec Multimedia: The Role of IPSec in a Network Infrastructure What Is IPSec? How IPSec Secures Traffic What Is an IPSec Security Policy? How IPSec Policies Work Together Guidelines for Balancing Security and Performance How to Assign or Unassign an IPSec Policy on a Computer .

Multimedia: The Role of IPSec in a Network Infrastructure The objective of this presentation is to describe how IPSec is used to ensure secure private communications over IP networks At the end of this presentation. you will be able to:  Explain what IPSec is  Describe how IPSec works  Describe how IPSec policies work .

and encrypts data at the IP packet level. authenticates. IPSec is used to provide data security for network transmissions Benefits of IPSec: Mutual authentication before and during communications Confidentiality through encryption of IP traffic Integrity of IP traffic by rejecting modified traffic Prevention against replay attacks .What Is IPSec? IPSec is an industry-defined set of standards that verifies.

How IPSec Secures Traffic Active 1 Directory IPSec IPSec Policy Policy Security Association Negotiation (ISAKMP) 2 TCP TCP Layer Layer IPSec IPSec Driver Driver 3 Encrypted IP Packets .

What Is an IPSec Security Policy? IPSec uses rules and policies to secure network traffic Rules are composed of:  A filter  A filter action  An authentication method Default polices include:  Client (Respond Only)  Server (Request Security)  Secure Server (Require Security) .

How IPSec Policies Work Together Client Server Secure Server No policy (Respond (Request (Require assigned Only) Security) Security) No No policy assigned No IPSec No IPSec No IPSec communication Client (Respond No IPSec No IPSec IPSec IPSec Only) Server (Request No IPSec IPSec IPSec IPSec Security) Secure Server No IPSec IPSec IPSec (Require Security) communication .

and high security levels requires: Assessing the risk and determining the appropriate level of security Identifying valuable information Determining how the policies can best be implemented Ensuring that management and technology requirements are in place Providing all users with both secure and efficient access .Guidelines for Balancing Security and Performance Properly balancing minimal. standard.

How to Assign or Unassign an IPSec Policy on a Computer Your instructor will demonstrate how to: Add an IP Security Management Console and then assign or unassign an IPSec policy for a local computer policy Assign or unassign an IPSec policy for an Active Directory-based Group Policy .

Practice: Implementing IPSec In this practice. you will assign an IPSec policy .

Lesson: Implementing IPSec with Certificates What Is a Certificate? Common Uses of Certificates Why Use Certificates with IPSec to Secure Network Traffic? Multimedia: Certificate Enrollment How to Configure IPSec to Use a Certificate .

or service that presents the certificate Contain details about the issuer .What Is a Certificate? Certificates are an electronic credential that authenticates a user on the Internet and intranets Certificates: Securely bind a public key to the entity that holds the corresponding private key Are digitally signed by the issuing certificate authority (CA) Verify the identity of a user. computer.

Common Uses of Certificates Internet Authentic Encrypting ation File System Digital Signatures Secure E- IP Security Mail Smart Card Software Logon Code Signing .

Why Use Certificates with IPSec to Secure Network Traffic? IP Security Configure IPSec to use certificates: • To allow an enterprise to interoperate with other organizations that trust the same CA • When you need a higher level of security than provided by the Kerberos protocol or preshared keys • For clients that are not part of an Active Directory structure or do not support the Kerberos protocol .

Multimedia: Certificate Enrollment The objective of this presentation is to provide a high-level overview of certificate enrollment At the end of this presentation. you will be able to:  Define certificate enrollment  Describe how certificate enrollment works .

How to Configure IPSec to Use a Certificate Your instructor will demonstrate how to configure IPSec to use a certificate .

you will implement IPSec with a certificate .Practice: Implementing IPSec with Certificates In this practice.

Lesson: Monitoring IPSec IP Security Monitor Guidelines for Monitoring IPSec Policies How to Stop and Start the IPSec Services How to View IPSec Policy Details .

IP Security Monitor Use the IP Security Monitor to view details about IPSec policies such as: Active IPSec policy details  Name  Description  Date last modified  Store  Path  Organizational unit and Group Policy object (GPO) name Main mode statistics  Information from the Internet Key Exchange Quick mode statistics  Information about the IPSec driver .

Guidelines for Monitoring IPSec
Policies

Stop the IPSec Policy Agent on the
Tocomputers
help isolate
andthe
usecause of command
the ping a
communication issue:
to verify communications between
them
Restart the IPSec Policy Agent and use
the IP Security Monitor to confirm that
a security association is established
between the computers, and the policy
is in effect
Use IP Security Policy Management to
verify that the policies are assigned to
both computers
Use IP Security Policy Management to
review the policies and ensure they are
compatible with each other
Restart the IP Security Monitor to
ensure that all changes are applied

How to Stop and Start the IPSec
Services

Your instructor will demonstrate how
to:
Stop and start the IPSec services by
using the Windows interface
Stop and start the IPSec services by
using the command prompt

How to View IPSec Policy Details

Your instructor will demonstrate how
to:
View IPSec Active Policy details by
using the IPSec Security Monitor
View IPSec Active Policy Main Mode
Security Associations by using the IP
Security Monitor

Practice: Monitoring IPSec

In this the practice, you will
monitor IPSec

Lab A: Securing Network Traffic

In this lab, you will secure network
traffic

Course Evaluation

Module 9: Configuring Network Access .

Overview Introduction to a Network Access Infrastructure Configuring a VPN Connection Configuring a Dial-up Connection Configuring a Wireless Connection Controlling User Access to a Network Centralizing Network Access Authentication and Policy Management by Using IAS .

Lesson: Introduction to a Network
Access Infrastructure

Multimedia: Introduction to the
Network Access Infrastructure
Components of a Network Access
Infrastructure
Configuration Requirements for a
Network Access Server
What Is a Network Access Client?
What Are Network Access
Authentication and Authorization?
Available Methods of Authentication

Multimedia: Introduction to the
Network Access Infrastructure

The objective of this
presentation is to provide a
high-level overview of the
network access
infrastructure and how
network access services
work together
After this presentation, you
will be able to:
 Explain the components of the
network access infrastructure
 Describe how the network
access components work
together to provide a remote

Components of a Network Access
Infrastructure

DHCP Network Access
Server Server
Domain
Controller
IAS
Server VPN
Client

Wireless Dial-up
Access
Point NetworkClient
access
service
Network access
clients
Wireless Authentication
Client service
Active Directory (not

Configuration Requirements for a
Network Access Server

A network access server is a server that
acts as a gateway to a network for a client

To configure the network access server,
you will need to know:
Whether the server will also act as
a router
Authentication methods and
providers
Client access
IP address assignment
PPP configuration options
Event logging preferences

What Is a Network Access
Client?

Type of Client Description
Connects to a network across a shared or
public network
Emulates a point-to-point link on a private
VPN Client network
Connects to a network by using a
communications network
Creates a physical connection to a port
on a remote access server on a private
network
Dial-up
Uses a modem or ISDN adapter to dial in
Client
to the remote access server

Connects to a network by infrared light
Wireless
and radio frequency technologies
Client
Includes many different types of devices

What Are Network Access
Authentication and Authorization?

2 1

Network Access Network Access Domain
Client Server Controller

Verifies a remote user's identification to the
1Authenticati network service that the remote user is
attempting to access (interactive logon)
on
Verifies that the connection attempt is
2Authorizatio allowed; authorization occurs after a
n successful logon attempt

Available Methods of Authentication Remote and wireless authentication methods include: MS-CHAP CHAP v2 PAP EAP-TLS SPAP PEAP MS-CHAP MD-5 Challenge Recommended method for user authentication is by using smart card certificates .

Lesson: Configuring a VPN Connection How a VPN Connection Works Components of a VPN Connection Encryption Protocols for a VPN Connection Configuration Requirements for a VPN Server How to Configure a Remote Access Server for a VPN Connection How to Configure a Remote Access Client for a VPN Connection How to Configure Smart Card Authentication on a Remote Access Server .

such as the Internet. How a VPN Connection Works A VPN extends the capabilities of a private network to encompass links across shared or public networks. in a manner that emulates a point-to-point link VPN Server Domain Controller VPN Client 1VPN 3 authorizes the client client calls theVPN server authenticates VPN server and 2 VPN server answers the call 4 VPN server transfers data .

Components of a VPN Connection VPN Tunnel Tunneling VPN Protocols Tunneled Server Data VPN Domain Client Controller Authentica Transit Network tion DHCP Address and Name Server Server Allocation .

Encryption Protocols for a VPN Connection Category Description Employs user-level Point-to-Point Protocol (PPP) authentication methods and Microsoft PPTP Point-to-Point Encryption (MPPE) for data Employs user-level PPP authentication encryption methods over a connection that is encrypted with IPSec L2TP/IPSec Recommended authentication method for VPN network access is L2TP/IPSec with certificates Examples of Remote Access Server Using L2TP/IPSec Remote Remote Access Server Access Server Remote User to Branch Office to Branch Corp Net Office .

Configuration Requirements for a VPN Server Before adding a remote access / VPN Identify which network interface connects server: to the Internet and which network interface connects to your private network Identify whether clients receive IP addresses from a DHCP server or the VPN server Identify whether to authenticate connection requests by RADIUS or by the VPN server .

How to Configure a Remote Access Server for a VPN Connection Your instructor will demonstrate how to:Register a remote access server in Active Directory Configure a remote access server for a VPN connection Configure the number of ports available on the server .

How to Configure a Remote Access Client for a VPN Connection Your instructor will demonstrate how to configure a remote access client for a VPN connection .

How to Configure Smart Card Authentication on a Remote Access Server Your instructor will demonstrate how to configure smart card authentication on a remote access server .

Practice: Configuring a VPN Connection In this practice. you will configure a VPN connection .

Lesson: Configuring a Dial-up Connection How Dial-up Network Access Works Components of a Dial-up Connection Authentication Methods for a Dial-up Connection Configuration Requirements for a Remote Access Server How to Configure a Remote Access Server for a Dial-up Connection How to Configure a Remote Access Client for a Dial-up Connection   .

How Dial-up Network Access Works Dial-up networking is the process of a remote access client making a temporary dial-up connection to a physical port on a remote access server by using the service of a telecommunications provider Remote Access Server Domain Controller Dial-up Client 1 3 Dial-up client calls RA server authenticates the RA server and authorizes the client 2 RA server answers the call 4 RA server transfers data .

25. ISDN. or ATM Dial-up Client Controller Authentication DHCP Server Address and Name Server Allocation . Domain X.Components of a Dial-up Connection Remote Access LAN and Remote Access Server Protocols WAN Options: Telephone.

Authentication Methods for a Dial-up Connection Authentication methods for dial- upCHAP include: MS-CHAP v2 PAP EAP-TLS SPAP EAP-MD5 MS-CHAP Challenge Mutual Authentication Remote Access Server Remote Access User Strongest method: EAP-TLS with smart cards .

Configuration Requirements for a Remote Access Server Before adding a remote access server for dial-up access: Identify whether clients receive IP addresses from a DHCP server or the remote access server Identify whether to authenticate connection requests by RADIUS or by the remote access server Verify that users have user accounts configured for dial-up access .

How to Configure a Remote Access Server for a Dial-up Connection Your instructor will demonstrate how to configure a remote access server for a dial-up connection .

How to Configure a Remote Access Client for a Dial-up Connection Your instructor will demonstrate how to:Configure a remote access client for a dial-up connection Modify the settings of a dial-up connection .

Lesson: Configuring a Wireless Connection Overview of Wireless Network Access Components of a Wireless Connection Wireless Standards Authentication Methods for Wireless Networks Configuration Requirements of a Windows XP Professional Client for Wireless Network Access How to Configure the Network Access Client for a Wireless Connection .

Overview of Wireless Network Access A wireless network uses technology that enables devices to communicate by using standard network protocols and electromagnetic waves—not network cabling— to carry signals over part or all of the network infrastructure DHCP Network Access Server Server Domain Controller IAS Server Standard Description Infrastruct Clients connect to ure WLAN wireless Network access wirelesspoints Wireless Peer-to. clients communicate Access Point peer directly with each Wireless WLAN other without the use Client of cables .

Components of a Wireless Connection Authenticati Remote Access on Server Port s Domain Controller DHCP Wireless Server Access Point Wireless Address and Name Client Server Allocation (Station) .

802.11b g 54 Mbps but at shorter ranges than 802.11g 802. 802. Wireless Standards Standa rd Description A group of specifications for WLANs developed by IEEE 802.1x Requires greater hardware and infrastructure investment .11b.11b Authenticates clients before it lets them on the network Can be used for wireless or wired LANs 802.11.11 Enhancement to and compatible with 802.11 video and conferencing applications a Works well in densely populated areas Is not interoperable with 802.11 Good range but susceptible to radio signal interference b Popular with home and small business users Transmissions speeds as high as 54 Mbps Allows wireless LAN networking to perform better for 802.11 Defines the physical and MAC portion of the OSI data- link layer 11 megabits per second 802.

Authentication Methods for Wireless Networks 802.1x Authentication Description Methods Provides mutual authentication Uses certificates for server EAP-MS-CHAP v2 authentication and password- based credentials for client Provides mutual authentication and is authentication the strongest method of EAP-TLS authentication and key determination Uses certificates for both server and client authentication Provides support for EAP-TLS and PEAP EAP-MS-CHAP v2 Encrypts the negotiation process .

Configuration Requirements of a Windows XP Professional Client for Wireless Network Access Choose a network type:  Access point  Computer-to-computer  Any available network Configure authentication appropriately for the selected network type Balance the level of security with the deployment effort:  For the highest level of security. choose PEAP with certificates (EAP-TLS)  For the greatest ease of deployment. choose PEAP with passwords (EAP-MS- CHAP v2) .

How to Configure the Network Access Client for a Wireless Connection Your instructor will demonstrate how to configure a network access client for a wireless connection .

Lesson: Controlling User Access to a Network User Account Dial-in Permissions How to Configure User Accounts for Network Access What Is a Remote Access Policy? What Is a Remote Access Policy Profile? How Remote Access Policies Are Processed How to Configure a Remote Access Policy How to Configure a Remote Access Policy Profile .

User Account Dial-in Permissions You can control the level of remote access for users by configuring the following dial-in properties: Remote Access Permission (Dial-in or VPN) Verify Caller ID Callback Options Assign a Static IP Address Apply Static Routes .

How to Configure User Accounts for Network Access Your instructor will demonstrate how to:Raise the domain functional level Configure the dial-in properties for user accounts in a Windows 2000 native domain .

remote access permission is either granted or denied • Profile.What Is a Remote Access Policy? A remote access policy is a named rule that • Conditions. If all conditions of a remote access policy are met. One or more attributes that consists of the following elements: are compared to the settings of the connection attempt • Remote access permission. A set of properties that are applied to a connection when it is authorized (either through the user account or policy permission settings) .

What Is a Remote Access Policy Profile? Dial-in Constraints IP Properties Multilink IP Address Assignment IP Filters Authentication Encryption Advanced Settings Remote Access User .

How Remote Access Policies Are Processed START Go to next Yes No policy Are Does connection No there Yes attempt match policies policy conditions? to Reject Yes Yes connect process? ion Is the Ignore No Is the remote access attempt No User Dialin permission for the Properties user account set to attribute set to Deny Access? False? Yes No Reject Is the remote Is the remote access connection No access Yes permission for the user attempt permission set account set to Allow to Deny Access? Accept Yes Access? connecti on Does the connectionattempt No attempt match the User Account and Profile settings? .

How to Configure a Remote Access Policy Your instructor will demonstrate how to: Configure a remote access policy Configure a new policy condition for a remote access policy .

How to Configure a Remote Access Policy Profile Your instructor will demonstrate how to configure a remote access policy profile .

you will configure a remote access policy and policy profile .Practice: Controlling User Access to a Network In this practice.

Lesson: Centralizing Network Access Authentication and Policy Management by Using IAS What Is RADIUS? What Is IAS? How Centralized Authentication Works How to Configure an IAS Server for Network Access Authentication How to Configure the Remote Access Server to Use IAS for Authentication .

and wireless networks Use RADIUS to manage network access centrally across many types of network access RADIUS servers receive and process connection requests or accounting messages from RADIUS clients or proxies . and accounting for network access RADIUS is the standard for managing network access for VPN. authorization. based on a client/server model. What Is RADIUS? RADIUS is a widely deployed protocol. that enables centralized authentication. dial-up.

auditing. a Windows Server 2003 component. is an industry-standard compliant RADIUS server. dial-up. and wireless connections You can configure IAS to support:RADI US Dial-up corporate access Serve Extranet access for business r partners Internet access Outsourced corporate access through service providers . authorization. and accounting of connections for VPN. IAS performs centralized authentication. What Is IAS? IAS.

How Centralized Authentication Works Communicates to 4 the RADIUS client to grant or deny access RADIUS 2 Forwards Client requests to a Domai RADIUS n server Contro ller Remote Access Clie Server nt RADI US Serve 3 Authenticates r requests and Dials in to a local 1 RADIUS client to gain stores accounting network connectivity information .

How to Configure an IAS Server for Network Access Authentication Your instructor will demonstrate how to:Authorize an IAS server in Active Directory Configure the IAS server for RADIUS clients .

How to Configure a Remote Access Server to Use IAS for Authentication Your instructor will demonstrate how to configure a remote access server to use IAS for authentication .

you will add a VPN server as a RADIUS client to an IAS server .Practice: Centralizing Network Access Authentication by Using IAS In this practice.

Lab A: Configuring Network Access In this lab. you will configure network access .

Module 10: Managing and Monitoring Network Access .

Overview Managing the Network Access Services Configuring Logging on a Network Access Server Collecting and Monitoring Network Access Data .

Lesson: Managing the Network Access Services Guidelines for Managing Network Access Services How to Manage Remote Access Clients .

Guidelines for Managing Network Access Services 5 1 2 3 4 Remote Access Remote Access Server1 Server2 1 Configure another server to support remote access clients 2 Schedule downtime for remote access server during off-peak hours 3 Send the disconnect message to remote access clients 4 Disconnect the remaining active remote access clients 5 Stop the remote access service .

How to Manage Remote Access Clients Your instructor will demonstrate how to:Send a message to a single remote access client Send a message to all remote access clients Disconnect a remote access client Start and stop the Routing and Remote Access service .

Practice: Managing the Remote Access Service In this practice. you will manage the Remote Access service .

Lesson: Configuring Logging on a Network Access Server Routing and Remote Access Logging Authentication and Accounting Logging How to Configure Authentication and Accounting Logging Log Files for Specific Connections How to Configure Logging for Specific Connection Types .

Routing and Remote Access Logging Type of logging Description Records remote access server errors. warnings. and other Event logging detailed information in the system event log Tracks usage and Local authentication authentication attempts on the and account logging local remote access server RADIUS-based Tracks remote access usage authentication and and authentication attempts account logging .

Authentication and Accounting Logging Authentication and accounting logging is a process that records detailed information about remote access connection requests Use authentication and accounting Track remote information to:access usage and authentication attempts Maintain records for billing purposes Isolate remote access policy issues Refine your logging methods after you determine which data best matches your Theneeds log fileby specifying: properties The types of request logging .

How to Configure Authentication and Accounting Logging Your instructor will demonstrate how to:Enable Windows accounting Configure local authentication and accounting logging Configure RADIUS-based authentication and accounting logging .

mode negotiations . Log Files for Specific Connections Connection Log file Description of log file type name Records the series of programming functions and PPP PPP log PPP control messages during a PPP connection Records information about L2TP/IPSec Audit log IPSec-related events Records information about all Internet Key Exchange L2TP/IPSec Oakley log main-mode or quick.

How to Configure Logging for Specific Connection Types Your instructor will demonstrate how to: Configure PPP logging Configure Oakley logging for an L2TP/IPSec connection Configure audit logging for an L2TP/IPSec connection .

Practice: Configuring Logging on a Remote Access Server In this practice. you will configure logging on a remote access server .

Lesson: Collecting and Monitoring Network Access Data Why Collect Performance Data? Tools for Collecting Network Access Data How to Monitor Wireless Network Activity .

Why Collect Performance Data? Collect performance data to: Evaluate the workload of your server and the effect on resources Observe changes and trends in workloads Track resource usage Test configuration changes or other tuning efforts Isolate problems Target components or processes .

Tools for Collecting Network Access Data Tool Description Provides a way to view real-time performance data that is targeted System Monitor toward specific components and services Enables you to capture specific Performance Logs and Alerts performance data for components and services Wireless Provides details about wireless Monitor network access points and clients .

How to Monitor Wireless Network Activity Your instructor will demonstrate how to:Enable or disable wireless client information logging View details about wireless network access points View details about wireless network clients .

you will:  Determine the best tools to use for monitoring and identifying certain network access issues  Configure Performance Logs .Practice: Collecting and Monitoring Network Access Data In this practice.

you will monitor remote access by using the Performance console .Lab A: Managing and Monitoring Remote Access In this lab.

Course Evaluation .

How to Back Up and Restore a WINS Database Your instructor will demonstrate how to:Specify a back up directory for the WINS database Manually back up a WINS database Restore a WINS database from a recent backup .

replicated to other WINS servers. Records selected by using the WINS console are removed from the current local WINS server • Tombstoned deletion.What Are Simple Deletion and Tombstoned Deletion of Records? To recover unused space that obsolete records occupy. Records are marked for deletion. you can update the WINS database • Simple by: deletion. and then removed during the next scavenging operation .

How to Delete a WINS Record Your instructor will demonstrate how to delete a WINS record .

Administrator stops the WINS server and uses the jetpak command . Automatically occurs while the database is in use • Offline compacting.What Are Dynamic and Offline Compacting? Compacting is the process of recovering unused space in a WINS database that is occupied by obsolete records Maintain WINS database integrity by using: • Dynamic compacting.

How to Compact a WINS
Database

Your instructor will demonstrate how
to compact a WINS database offline

How Scavenging Works

7-days 7-days
Jan 1 Jan 8 Jan 15
Refres
Time No- h Scave
stampe Refresh Interva nge
d Interval l

Aging
Scavenging process:
The
Active
Released
Namesactive
names
marked
names
names
that
for
that
that
are
deletion
the
replicated
theWINS
WINS
for
thatwhich
server
are
server
from
6
5
4
3
2
1
7 The
Names
owns
other
the scavenging
server
marked
replicated
Extinction
and
servers
replicated for
from
starts
for
timer
which
fromand
up
deletion
other
timeout
for
other
and the starts
which
servers
isareRenewthat
when
Extinction
has
servers
equal the are
expired
and
to
arehalf
thewhich
for
removed
Interval
Verification
interval
are
the
the
fromdeleted
Extinction
Renewal
the has and
expired
interval
database timeout
removed
interval hashas
marked
from
expired
expired
the for
asareare
released
revalidated
deletion and removed from the database
database
deleted

How to Scavenge the WINS
Database

Your instructor will demonstrate how
to:
Configure scavenging settings on the
WINS database
Scavenge the WINS database

How a WINS Database Is Checked for
Consistency

Checking WINS database consistency helps
maintain database integrity among WINS
servers in a large network

WINS Server

WINS Server

WINS Server

How to Check for Consistency on a
WINS Database

Your instructor will demonstrate how
to:
Configure WINS database verification
Verify database consistency
Verify version ID consistency

Guidelines for Decommissioning
a WINS Server

Decommissioning an installed WINS server
is the act of removing it from a network

Guidelines for decommissioning a
• If you
WINS reduce the number of WINS
server:
servers in your network, you can
reconfigure WINS clients to point to
other WINS servers in the network
• Reconfiguration is necessary only if
clients are still using WINS
• If you eliminate WINS in your
network, you can implement DNS as
your primary naming service

How to Decommission a WINS Server Your instructor will demonstrate how to decommission a WINS server .

Practice: Managing a WINS Database In this practice. you will manage a WINS database .

Lab A: Resolving NetBIOS Names by Using Windows Internet Name Service (WINS) In this lab. you will identify and resolve common issues when resolving NetBIOS names by using WINS .