Chapter 11: Dial-Up Connectivity in Remote Access Designs
  - Designs That Include Dial-Up Remote Access
  - Essential Dial-Up Remote Access Design Concepts
  - Data Protection in Dial-Up Remote Access Designs
  - Dial-Up Remote Access Design Optimization
Routing and Remote Access Introduction
  - For remote access to private networking resources, you can use
      - Dial-up
      - Virtual private network (VPN)
      - Remote Authentication Dial-In User Service (RADIUS)
  - Dial-up access lets you control
      - Remote access servers
      - Modem types and data rates
      - Access phone numbers
      - User accounts
      - Accessibility of private network resources
  - Dial-up access uses Point-to-Point Protocol (PPP).
Routing and Remote Access and Microsoft Windows 2000
  - A Windows 2000 feature
  - Remote access client
  - Remote access server
Remote Access Clients and Servers
Dial-Up Remote Access Design Review
  - Amount of data transmitted
  - Number of locations
  - Existing modems and phone lines
  - Plans for network growth
  - Number of simultaneous clients
  - Operating systems used by clients
  - Protocols used by clients
Dial-Up Remote Access Design Decisions
  - Integration into existing network
  - Hardware requirements for servers
  - Confidential data protection
  - Availability to remote access users
  - Optimization of network traffic
Dial-Up Remote Access Designs
  - Use dial-up remote access to control all design aspects.
  - Evaluate cost of ownership issues.
      - Number of simultaneous remote users
      - Number of locations requiring remote access
      - Monthly phone line costs
      - Initial investment in modems
      - Phone line installation
      - Ongoing support costs
  - Consider outsourcing to reduce costs.
Number of Remote Access Servers
  - Determine the maximum number of users.
  - Determine the sustained data rate.
  - Perform a pilot test.
  - Calculate the number of servers.
Placing Remote Access Servers
  - Placement goals:
      - Centralize administration
      - Reduce costs
      - Reduce network traffic
  - Single or multiple location configuration
Single Location Configuration
  - The hardware must support the maximum number of users.
  - Advantages:
      - Centralized administration
      - Reduced administration costs
  - Disadvantages:
      - Increased network traffic on segments
      - Increased telephone charges
      - No redundancy
Multiple Location Configuration
  - The hardware must support the maximum number of users.
  - Advantages:
      - Reduced network traffic between segments
      - Reduced telephone charges
      - Redundancy
  - Disadvantages:
      - Decentralized administration
      - Increased administration costs
Remote Access Client Support
  - Communications ports
  - Transport protocols determined by
      - Operating system
      - Applications
      - Network management tools
      - Resource servers accessed by client
  - Network address assignment
      - Manually allocate
      - Automatically assign using Dynamic Host Configuration Protocol (DHCP)
Preventing Unauthorized Access
  - Restrict access to resources on the server.
  - Restrict traffic on the server by using filters.
      - Resources or servers
      - Network segments
      - Traffic types (for example, HTTP)
  - Place servers on screened subnets.
Preventing Unauthorized Access (Cont.)
Protecting Remote Access Data
  - Authenticate remote users.
      - Local accounts
      - Active Directory directory service accounts
  - Encrypt confidential data.
      - Microsoft Point-to-Point Encryption (MPPE)
      - Internet Protocol Security (IPSec)
  - Enforce remote access policies.
      - Conditions
      - Remote access permissions
      - Profiles
Enhancing Remote Access Availability
  - Include multiple dial-up remote access servers.
  - Use backup phone numbers.
  - Dedicate a computer to Routing and Remote Access.
Improving Remote Access Performance
  - Upgrade server hardware.
      - Intelligent communications adapters
      - Faster modems
      - Server processor and memory
  - Distribute clients across multiple servers.
  - Dedicate a computer to Routing and Remote Access.
Chapter Summary
  - Dial-up provides control over remote access but is more expensive.
  - Services include remote access client and server.
Chapter Summary (Cont.)
  - Your design should
      - Determine maximum number of users and data rate
      - Use multiple servers
      - Evaluate client needs
      - Protect the private network
      - Improve availability and performance