Microsoft Windows Server 2012                                Seminar: Transparant werken met Direct Access.               ...
 Windows Server 2012 Trends and Challenges Direct Access Get Started: Advies en Doen!
The Cloud OS
New    Deviceapps   proliferation   Data explosion   Cloud computing
Support for                                                    Windows                                  Easy-deployment   ...
is
Client authentication requests are sent to a KDC Proxy Server service running on the DirectAccessserver         Kerberos p...
 TCP port 443 NATted or allowed to DA Edge (on firewall) DirectAccess server must have a server authentication certifica...
with single network interface or multiple interfacesIf so, only IP-HTTPS will be deployed
Data is encrypted by IPSec as well as by SSL, so the data is encryptedtwiceCan configure IP-HTTPS to work when behind auth...
   DNS Query for DirectAccess-NLS.corp.domain.com   IPv4 (A) DNS Query for da.domain.com
NAT64/DNS64 is the reason DA works on IPv4 Networks                                                                       ...
Offline Provisioning of Direct Access Clients
Djoin /provision /machine CLIENT1 /domain corp/policynames "DirectAccess Client Settings"/rootcacerts /savefile c:filespro...
Download Windows Server2012LearnAct
MCSA: Windows Server 2012                          +                           +                          =    Installing ...
MCSE: Server Infrastructure                                                                          * Requires           ...
MCSE: Desktop Infrastructure                                                                                * Requires    ...
Upgrade paths                                                                                   Windows Server 2012       ...
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access
Upcoming SlideShare
Loading in …5
×

Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access

702 views

Published on

Transparant werken met Direct Access. De mogelijkheden van Direct Access
Het nieuwe werken. Thuis, onderweg, bij een klant of op de zaak. Overal waar u bent wilt u dezelfde gebruikerservaring hebben. Met Direct Access is uw laptop met internetvoorziening altijd onderdeel van uw bedrijfsnetwerk. Zo kunt u altijd bij uw bestanden en behoort de complexiteit van VPN connecties tot het grijze verleden! Deze oplossing is perfect voor iedere bedrijfsgrootte, van klein-MKB tot grote enterprise ondernemingen.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
702
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  •  
  •  
  • Windows Server 2012 Seminar 4 - De mogelijkheden van Direct Access

    1. 1. Microsoft Windows Server 2012 Seminar: Transparant werken met Direct Access. Het nieuwe werken. Thuis, onderweg, bij een klant of op de zaak. Overal waar u bent wilt u dezelfde gebruikerservaring hebben. Met Direct Access is uw laptop met internetvoorziening altijd onderdeel van uw bedrijfsnetwerk. Zo kunt u altijd bij uw bestanden en behoort de complexiteit van VPN connecties tot het grijze verleden! Deze oplossing is perfect voor iedere bedrijfsgrootte, van klein-MKB tot grote enterprise ondernemingen.
    2. 2.  Windows Server 2012 Trends and Challenges Direct Access Get Started: Advies en Doen!
    3. 3. The Cloud OS
    4. 4. New Deviceapps proliferation Data explosion Cloud computing
    5. 5. Support for Windows Easy-deployment PowerShell for wizard client and serverTransparent network accessto the end user from anyInternet connection Support for Site-to-site multiple sites tunnelingSimple to deploy Flexible Unified Built-in support forand manage deployment management IPv6 translationcentrally scenarios experience technology 9
    6. 6. is
    7. 7. Client authentication requests are sent to a KDC Proxy Server service running on the DirectAccessserver Kerberos proxy sends Kerberos requests to DCs on behalf of the client
    8. 8.  TCP port 443 NATted or allowed to DA Edge (on firewall) DirectAccess server must have a server authentication certificate for TLS  Will be trusted by clients (forcibly through Group Policy if necessary)  Self-signed cert used automatically for IPHTTPS/KDC Proxy
    9. 9. with single network interface or multiple interfacesIf so, only IP-HTTPS will be deployed
    10. 10. Data is encrypted by IPSec as well as by SSL, so the data is encryptedtwiceCan configure IP-HTTPS to work when behind authenticating proxy IP-HTTPS is now preferred transport
    11. 11.  DNS Query for DirectAccess-NLS.corp.domain.com IPv4 (A) DNS Query for da.domain.com
    12. 12. NAT64/DNS64 is the reason DA works on IPv4 Networks 172.16.0.20 Native IPv4 traffic IPv4-only Server Native IPv6 traffic fd00:fefe:2::172.16.0.20 IPv6 Prefix - fd00:fefe:2::/96 SERVER IN AAAA IN A80 SERVER FD00:FEFE:2::172.16.0.20 TCP port 172.16.0.20s IPv4 Internal Address – 172.16.0.100 172.16.0.101 172.16.0.20 TCP port TCP port 80 1060 IPv6 Network IPv4 Network NAT64/DNS64 gateway (DA) fd00:fefe:1::bef1:2002, TCP port 1025 IPv6 Client DNS Server fd00:fefe:1::bef1:2002 172.16.0.2 8. NAT64 gateway translates theAAAAIPv6 1. NAT64 gatewaysendsthat DNSresponse to 6. DNS64 convertstranslatesto /96 IPv6query 4. NAT64 device forwardsIPv4 query record 2. IPv4-only informs NAT64 device replies no queryfor 3. DNS Server configuredAAAAAAAA packet 9.9.IPv6 Client Server DNSA with the dynamic NAT64 devicesendsDNS DNSassociating to the IPv4 for A packet the 5. DNS AAAA one, connection 7. IPv6 Client sends packet to IPv4, dynamically IPv4-only IPv4 replies withNAT64 gateway an IPv6using associated toIPv6 IPv4IPv4 existsaddress used adding Server’s Server to IPv6andServer DNS Server IPv4 address to authoritative by the IPv4 for prefix addressthe information in /96 prefix Server IPv6 address with anthe the IPv6 source address pool address translation table receiver from the pool
    13. 13. Offline Provisioning of Direct Access Clients
    14. 14. Djoin /provision /machine CLIENT1 /domain corp/policynames "DirectAccess Client Settings"/rootcacerts /savefile c:filesprovision.txt/reuse
    15. 15. Download Windows Server2012LearnAct
    16. 16. MCSA: Windows Server 2012 + + = Installing and Configuring Advanced Configuring Windows Administering Windows Windows Server 2012 MCSA: Windows Server Server 2012 Server 2012 Services 2012 Installing and Configuring Advanced Configuring Windows Administering Windows Windows Server 2012 Server 2012 Server 2012 Services Find a Learning Partner
    17. 17. MCSE: Server Infrastructure * Requires recertification + + = Designing and Implementing an Implementing a Server Advanced Server MCSE: Server Windows Server 2012 Infrastructure Infrastructure Infrastructure Designing and Implementing an Implementing a Server Advanced Server Infrastructure Infrastructure Find a Learning Partner
    18. 18. MCSE: Desktop Infrastructure * Requires recertification + + = Implementing Desktop Implementing a Desktop Application MCSE: Desktop Windows Server 2012 Infrastructure Environments Infrastructure Implementing Desktop Implementing a Desktop Application Infrastructure Environments Find a Learning Partner
    19. 19. Upgrade paths Windows Server 2012 Designing and Implementing a Server Implementing an Advanced Server Infrastructure Infrastructure Server InfrastructureAny of the following certifications qualify:• MCSA: Windows Server 2008*••• MCITP: Virtualization Administrator MCITP: Enterprise Messaging Administrator MCITP: Lync Server Administrator Either or• MCITP: SharePoint Administrator Upgrading Your Skills to• MCITP: Enterprise Desktop Administrator MCSA Windows Server 2012 Both Implementing a Desktop Implementing Desktop Desktop Infrastructure Infrastructure Application Environments

    ×