Module 9: Fundamentals of Securing Network Communication.


- Public Key Infrastructure
- Using Certificates

Lesson 1: Public Key Infrastructure
- Components of Public Key Infrastructure
- Selecting a Certification Authority
- What Is a Certificate?
- Types of Certificates
- What Is a Certificate Template?
- New Certificate Features in Windows Server® 2008

Components of Public Key Infrastructure
- Certificate and CA Management Tools
- Certification Authority
- Certificate and CRL Distribution Points
- Certificate Template
- Digital Certificate
- Certificate Revocation List
- Public Key-Enabled Applications and Services

Selecting a Certification Authority
Internal CAs:
- Generate certificates free of charge
- Are trusted by internal computers
- Are not trusted by computers outside the organization
External CAs:
- Require a fee for each certificate
- Are trusted by internal and external computers

What Is a Certificate?
A digital certificate:
- Can be used to verify identity
- Contains a public key
- Contains information about the issuer and the subject
- Is signed by a CA
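The fields listed above, and the difference between a certificate signed by a trusted CA and a self-signed one, can be inspected directly. The following is an added example, not part of the original course material: it builds a constructed self-signed certificate in memory, reports its subject, issuer, public key and signature algorithm, and asks Windows whether it chains to a trusted root. The function names, the host name www.example.test and the address 192.0.2.10 are hypothetical.

```powershell
# Added example. Requires Windows PowerShell 5.1 on .NET Framework 4.7.2+ or PowerShell 7.
# Function names and the host name www.example.test are hypothetical.

function New-DemoSelfSignedCert {
    param([string]$DnsName = 'www.example.test')
    # Constructed sample: the key pair and certificate exist only in memory.
    $rsa = [System.Security.Cryptography.RSA]::Create(2048)
    $req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new(
        "CN=$DnsName", $rsa,
        [System.Security.Cryptography.HashAlgorithmName]::SHA256,
        [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
    $san = [System.Security.Cryptography.X509Certificates.SubjectAlternativeNameBuilder]::new()
    $san.AddDnsName($DnsName)
    $req.CertificateExtensions.Add($san.Build($false))
    $now = [DateTimeOffset]::UtcNow
    # Self-signed: the subject's own private key signs the certificate; no CA is involved.
    $req.CreateSelfSigned($now.AddMinutes(-5), $now.AddDays(30))
}

function Test-CertificateTrust {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory)][string]$RequestedName
    )
    $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
    # Skip CRL/OCSP lookups so the check runs offline.
    $chain.ChainPolicy.RevocationMode = 'NoCheck'
    $trusted = $chain.Build($Certificate)
    $dnsName = $Certificate.GetNameInfo(
        [System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false)
    [pscustomobject]@{
        Subject      = $Certificate.Subject
        Issuer       = $Certificate.Issuer
        PublicKey    = $Certificate.PublicKey.Oid.FriendlyName
        SignedWith   = $Certificate.SignatureAlgorithm.FriendlyName
        ChainsToRoot = $trusted
        ChainStatus  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
        # Simplified exact match; real clients also handle wildcards and IP address entries.
        NameMatches  = ($dnsName -eq $RequestedName)
    }
}

$cert = New-DemoSelfSignedCert
Test-CertificateTrust -Certificate $cert -RequestedName 'www.example.test'
Test-CertificateTrust -Certificate $cert -RequestedName '192.0.2.10'   # documentation address
```

Subject and Issuer are identical for the self-signed certificate, and the chain status reports an untrusted root because the certificate is not in the machine's Trusted Root Certification Authorities store.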

Types of Certificates
Certificates can be for limited uses:
- User: Assigned to users for performing actions such as file encryption
- Computer: Assigned to computers for performing actions such as domain communication
- CA: Assigned to certification authorities to authorize the issuing of certificates

What Is a Certificate Template?
Certificate templates include:
- Administrator: Allows trust list signing and user authentication
- Basic EFS: Used by Encrypting File System (EFS) to encrypt data
- Computer: Allows a computer to authenticate itself on the network
- Domain Controller: All-purpose certificates held by domain controllers
- IPSec: Used by IP Security (IPSec) to digitally sign, encrypt, and decrypt network communication
- User: Certificate to be used by users for , EFS, and client authentication
- Web Server: Proves the identity of a Web server

New Certificate Services Features in Windows Server 2008
New certificate services features include:
- Enterprise PKI: A tool for monitoring your PKI environment
- Network Device Enrollment Service: Allows routers and switches to obtain X.509 certificates
- Online certificate status protocol: Allows queries to view the validity of certificates
- Policy settings: Updated with additional features for managing certificates by using Group Policy
- Web enrollment: Updated to use a new DLL for enrollment control
- Cryptography Next Generation: A set of APIs for performing cryptographic operations
- Restricted Enrollment Agent: An authorized individual that can approve certificate requests for specific security groups

Lesson 2: Using Certificates
- What Is the Certificates Snap-in?
- What Is SSL?
- What Is IPSec?
- What Is S/MIME?
- How Certificates Are Used for Remote Access
- Demonstration: Obtaining a User Certificate

What Is the Certificates Snap-in?
The Certificates snap-in manages user and computer certificates.

What Is SSL?
Secure Sockets Layer (SSL):
- Encrypts communication between a client and server
- Requires no client configuration
- Is commonly used with basic authentication
- Uses asymmetric encryption to establish a secure channel
- Uses symmetric encryption to secure data in transit
[Diagram labels: Server, Client, Encrypted Text, Unencrypted Text]

What Is IPSec?
IPSec:
- Secures communication between two hosts
- Authenticates both hosts
- Is configured by using Windows Firewall with Advanced Security
- Can use multiple authentication types:
  - Pre-shared key
  - Kerberos version 5 protocol
  - Certificates

What Is S/MIME?
Secure Multipurpose Internet Mail Extensions (S/MIME):
- Is a standard for helping to secure communication
- Can encrypt messages
- Can digitally sign messages
- Is supported by most clients
- Requires coordination between senders

How Certificates Are Used for Remote Access
When certificates are used for remote access:
- The certificates are used as an authentication method
- Security is increased over using a username and password
- Can be placed on a smart card for additional security

Demonstration: Obtaining a User Certificate
In this demonstration, you will see how to obtain a user certificate.

Lab: Securing Web Communication
- Exercise 1: Verifying the Trusted Root CA
- Exercise 2: Securing a Web site by using SSL
Logon information:
- Virtual computer: NYC-DC1, NYC-CL1
- User name: Administrator
- Password: Pa$$w0rd
Estimated time: 60 minutes

Lab Review
- Why does accessing the Web site by IP address trigger a warning?
- What is the difference between removing the HTTP binding for a Web site and requiring the use of SSL?
- What is the difference between a certificate request, a domain certificate, and a self-signed certificate?

Module Review and Takeaways
- Review Questions
- Real-world Issues and Scenarios
- Best Practices
- Tools