Microsoft Windows Server 2012 is the latest version of the Windows Server operating system. It introduces new features like Direct Access that allows transparent network access for users connecting from any Internet connection. The seminar discusses how Direct Access works and the benefits it provides in allowing users to access files and resources as if they were on the internal network even when connecting remotely. It also notes Direct Access is suitable for organizations of all sizes.
Windows Server 2012 - Dynamische opslag met Storage Pools
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
1. Microsoft Windows Server 2012
Seminar: Transparant werken met Direct Access.
Het nieuwe werken. Thuis, onderweg, bij een klant of op de zaak. Overal
waar u bent wilt u dezelfde gebruikerservaring hebben. Met Direct Access
is uw laptop met internetvoorziening altijd onderdeel van uw
bedrijfsnetwerk. Zo kunt u altijd bij uw bestanden en behoort de
complexiteit van VPN connecties tot het grijze verleden! Deze oplossing is
perfect voor iedere bedrijfsgrootte, van klein-MKB tot grote enterprise
ondernemingen.
2.
3. Windows Server 2012
Trends and Challenges
Direct Access
Get Started: Advies en Doen!
7. New Device
apps proliferation Data explosion Cloud computing
8.
9. Support for
Windows
Easy-deployment PowerShell for
wizard client and server
Transparent network access
to the end user from any
Internet connection
Support for Site-to-site
multiple sites tunneling
Simple to deploy Flexible Unified Built-in support for
and manage deployment management IPv6 translation
centrally scenarios experience technology
9
16. Client authentication requests are sent to a KDC Proxy Server service running on the DirectAccess
server
Kerberos proxy sends Kerberos requests to DCs on behalf of the client
17. TCP port 443 NATted or allowed to DA Edge (on firewall)
DirectAccess server must have a server authentication certificate for TLS
Will be trusted by clients (forcibly through Group Policy if necessary)
Self-signed cert used automatically for IPHTTPS/KDC Proxy
18. with single network interface or multiple interfaces
If so, only IP-HTTPS will be deployed
19. Data is encrypted by IPSec as well as by SSL, so the data is encrypted
twice
Can configure IP-HTTPS to work when behind authenticating proxy
IP-HTTPS is now preferred transport
20. DNS Query for DirectAccess-NLS.corp.domain.com
IPv4 (A) DNS Query for da.domain.com
21. NAT64/DNS64 is the reason DA works on IPv4 Networks
172.16.0.20
Native IPv4 traffic IPv4-only Server
Native IPv6 traffic
fd00:fefe:2::172.16.0.20
IPv6 Prefix - fd00:fefe:2::/96
SERVER IN AAAA IN A80
SERVER FD00:FEFE:2::172.16.0.20
TCP port 172.16.0.20s
IPv4 Internal Address – 172.16.0.100
172.16.0.101 172.16.0.20
TCP port TCP port 80
1060
IPv6 Network IPv4 Network
NAT64/DNS64
gateway (DA)
fd00:fefe:1::bef1:2002, TCP port 1025
IPv6 Client DNS Server
fd00:fefe:1::bef1:2002 172.16.0.2
8. NAT64 gateway translates theAAAAIPv6
1. NAT64 gatewaysendsthat DNSresponse to
6. DNS64 convertstranslatesto /96 IPv6query
4. NAT64 device forwardsIPv4 query record
2. IPv4-only informs
NAT64 device replies no queryfor
3. DNS Server configuredAAAAAAAA packet
9.9.IPv6 Client Server DNSA with the dynamic
NAT64 devicesendsDNS DNSassociating to
the IPv4 for
A packet the
5. DNS AAAA one, connection
7. IPv6 Client sends
packet to IPv4, dynamically
IPv4-only IPv4 replies withNAT64 gateway
an IPv6using associated toIPv6 IPv4IPv4
existsaddress used adding Server’s
Server
to IPv6andServer DNS Server IPv4 address
to authoritative by the
IPv4 for
prefix addressthe information in /96 prefix
Server IPv6 address with anthe the
IPv6
source address pool
address
translation table
receiver
from the pool
29. MCSA: Windows Server 2012
+ + =
Installing and Configuring Advanced
Configuring Windows Administering Windows Windows Server 2012 MCSA: Windows Server
Server 2012 Server 2012 Services 2012
Installing and Configuring Advanced
Configuring Windows Administering Windows Windows Server 2012
Server 2012 Server 2012 Services Find a Learning Partner
30. MCSE: Server Infrastructure
* Requires
recertification
+ + =
Designing and Implementing an
Implementing a Server Advanced Server MCSE: Server
Windows Server 2012 Infrastructure Infrastructure Infrastructure
Designing and Implementing an
Implementing a Server Advanced Server
Infrastructure Infrastructure Find a Learning Partner
31. MCSE: Desktop Infrastructure
* Requires
recertification
+ + =
Implementing Desktop
Implementing a Desktop Application MCSE: Desktop
Windows Server 2012 Infrastructure Environments Infrastructure
Implementing Desktop
Implementing a Desktop Application
Infrastructure Environments Find a Learning Partner
32. Upgrade paths
Windows Server 2012
Designing and
Implementing a Server Implementing an Advanced
Server Infrastructure
Infrastructure Server Infrastructure
Any of the following certifications qualify:
• MCSA: Windows Server 2008*
•
•
•
MCITP: Virtualization Administrator
MCITP: Enterprise Messaging Administrator
MCITP: Lync Server Administrator
Either or
• MCITP: SharePoint Administrator Upgrading Your Skills to
• MCITP: Enterprise Desktop Administrator
MCSA Windows Server
2012 Both
Implementing a Desktop Implementing Desktop
Desktop Infrastructure
Infrastructure Application Environments