NAP with IPSEC and PKI in a Real World
Download as PPTX, PDF0 likes559 views
The document discusses the University of Vila Velha in Brazil which has over 18,000 students and 1,200 teachers. It outlines the university's need to improve security for its network as the number of computers and wireless users has grown rapidly. The university plans to deploy IPsec with Kerberos authentication between administrative and student networks, implement a PKI project, and deploy network access protection and Forefront client on endpoints to enforce security policies and authentication.
More Related Content
Similar to NAP with IPSEC and PKI in a Real World (20)
More from Rodrigo Immaginario (11)
Recently uploaded (20)
NAP with IPSEC and PKI in a Real World
- 2. Know University of Vila Velha Phases of the Project Demos How to Start Q&A
- 3. University of Vila Velha The first private university of ES with more than 32 years of expertise in higher education
- 4. University of Vila Velha The largest private library of Esp鱈rito Santo
- 5. University of Vila Velha Laboratories of biomedical and agricultural courses
- 6. University of Vila Velha Computing Labs
- 7. ~ 18.000 Students ~ 1.200 Teachers 1.500 Computers 14 Buildings Hospital Laboratories of Biomedical Agricultural course 4 Campi + 40 services for students and Teachers (WEB) Radio University TV
- 8. IT Team - DTI 4 Systems Analysts 5 Technical Support 2 Trainees 3 Shifts (from 07:00 to 23:00)
- 9. ~ 60 attacks daily (only from our Labs !) Hundreds of notebooks ( Teachers and Students) in the network Physical network grow to fast Students became more dangerous
- 10. Improve security for our Network Restrict access for some Servers Deploy more services to Students and Teachers Improve the agility to changes in the Campus Find the best solution - Security X Cost Reduce TCO
- 11. Learn the flow of data in our environment Documentation and classification of our services, data and network
- 12. Deploy Server and Domain Isolation (IPSec) with Kerberos Merge Administrative and Student Network in the same physical network
- 16. Deploy PKI project Deploy Wireless network for Students and Teachers Change IPSec authentication from Kerberos for Certificates - Secundary Benefits - 2-factor authentication (token for Admin access) Improve security for VPN Access
- 18. Deploy NAP (Reporting Mode )
- 20. Deploy Forefront Client Deploy NAP - Enforcement mode Deploy NAP for Linux Clients
- 21. 1. Understand how your data flow in your enviroment 2. Create a Documentation of groups, services, servers and exemption lists 3. If possible use PKI 4. Create a Project LAB for testing 5. Deploy IPSec with FallBack enable 6. Deploy NAP (reporting mode)
- 23. Microsoft Developer Network (MSDN) (Webcasts, Blogs, Chats, http://microsoft.com/msdn Microsoft Technet (Webcasts, Blogs, Chats) http://microsoft.com/technet Trial Software e Virtual Labs http://www.microsoft.com/technet/downloads/trials/default.mspx http://www.microsoft.com/nap http://blogs.technet.com/nap/ Case IPSec - http://www.microsoft.com/casestudies/casestudy.aspx?casestudyid=49593 Case NAP - http://www.microsoft.com/brasil/technet/ithero/abril07/default.mspx Article IPSec - http://www.microsoft.com/technet/community/columns/secmvp/sv0906.mspx
- 24. 息 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.