1 / 18

Microsoft Windows NT 4.0 Authentication Protocols

Microsoft Windows NT 4.0 Authentication Protocols. Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) Shiva Password Authentication Protocol (SPAP) Point-to-Point Tunneling Protocol (PPTP).

ann
Download Presentation

Microsoft Windows NT 4.0 Authentication Protocols

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft Windows NT 4.0 Authentication Protocols • Password Authentication Protocol (PAP) • Challenge Handshake Authentication Protocol (CHAP) • Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) • Shiva Password Authentication Protocol (SPAP) • Point-to-Point Tunneling Protocol (PPTP)

  2. Microsoft Windows 2000 Authentication Protocols • Support the Windows NT 4.0 authentication protocols • Extensible Authentication Protocol (EAP) • Remote Authentication Dial-In User Service (RADIUS) • Internet Protocol Security (IPSec) • Layer Two Tunneling Protocol (L2TP) • Bandwidth Allocation Protocol (BAP)

  3. Extensible Authentication Protocol (EAP) • Is an extension to the Point-to-Point protocol (PPP) • Works with dial-up, PPTP, and L2TP clients • Allows arbitrary authentication mechanisms to validate a dial-in connection • Supports authentication by using generic token cards, MD5-CHAP, and TLS • Allows vendors to supply new client and server authentication modules

  4. Remote Authentication Dial-In User Service (RADIUS) • RADIUS provides • Remote user authentication that is vendor-independent. • Scaleable authentication designs for performance. • Fault-tolerant designs for reliability. • Windows 2000 can act as a RADIUS client or server.

  5. Windows 2000 Can Act as a RADIUS Client • A RADIUS client • Is typically an ISP dial-up server • Receives authentication requests • Forwards the requests to a RADIUS server • A Windows 2000 RADIUS client • Can also forward accounting information • Is configured on the remote access server’s Securities tab

  6. Windows 2000 Can Act as a RADIUS Server • A RADIUS server validates the RADIUS client request. • Windows 2000 uses Internet Authentication Services (IAS) to perform authentication. • IAS stores accounting information from RADIUS clients in log files. • IAS is one of the optional components you can add.

  7. Internet Protocol Security (IPSec) • Consists of a set of security protocols and cryptographic protection services • Ensures secure private communications over IP networks • Provides aggressive protection against private network and Internet attacks • Negotiates a security association (SA) with clients that acts as a private key to encrypt the data flow

  8. Layer Two Tunneling Protocol • Similar to PPTP • Creates an encrypted tunnel • Does not provide encryption • Works with encryption technologies such as IPSec

  9. Differences Between L2TP and PPTP • L2TP does not require an IP-based transit network. • L2TP supports header compression. • L2TP supports tunnel authentication. • L2TP uses IPSec for encryption and PPTP uses PPP encryption.

  10. Bandwidth Allocation Protocol (BAP) and Bandwidth Allocation Control Protocol (BACP) • Dynamically add or drop links on demand • Are PPP control protocols • Provide bandwidth on demand 10

  11. Allowing Inbound Dial-Up Connections

  12. Configuring Devices for Incoming Connections

  13. Allowing Virtual Private Connections • Click Next on the Devices For Incoming Connections page. • Select either to allow or not allow virtual private connections on the Incoming Virtual Private Connection page.

  14. Specifying Users and Callback Options

  15. Selecting Networking Components • Choose the networking components to enable for incoming calls. • Install additional networking components.

  16. Dial-Up Connections

  17. Connections to a Virtual Private Network (VPN) • Create a VPN by using tunneling protocols such as PPTP or L2TP. • Create secure connections across an untrusted network. • Select Connect To A Private Network Through The Internet. • Decide if you want to select Automatically Dial This Initial Connection. • Enter the host name or IP address to which you are connecting. • Specify who can use the connection.

  18. Direct Connection to Another Computer Through a Cable • Select Connect Directly To Another Computer. • Select whether your computer will be the host or the guest for the connection. • Select the port that is connected to the other computer. • Specify the users who can use this connection. • Decide if you want a shortcut icon on your desktop.

More Related