Licensed to: ichapters User

Transcription

1

2 Title: MCITP Guide to Microsoft Windows Server 2008, Server Administration Michael Palmer Vice President, Career and Professional Editorial: Dave Garza Executive Editor: Stephen Helba Acquisitions Editor: Nick Lombardi Managing Editor: Marah Bellegarde Senior Product Manager: Michelle Ruelos Cannistraci Developmental Editor: Deb Kaufmann Editorial Assistant: Sarah Pickering Vide President, Career and Professional Marketing: Jennifer Ann Baker Marketing Director: Deborah S. Yarnell Senior Marketing Manager: Erin Coffin Associate Marketing Manager: Shanna Gibbs Production Director: Carolyn Miller Production Manager: Andrew Crouth Content Project Manager: Brooke Greenhouse Senior Art Director: Jack Pendleton Cover illustration: Shutterstock Manufacturing Coordinator: Amy Rogers Compositor: Pre-Press PMG 2011 Course Technology, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information networks, or information storage and retrieval systems, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the publisher. For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, For permission to use material from this text or product, submit all requests online at cengage.com/permissions Further permissions questions can be ed to Library of Congress Control Number: ISBN-13: ISBN-10: Course Technology 20 Channel Center St. Boston, MA USA Cengage Learning is a leading provider of customized learning solutions with office locations around the globe, including Singapore, the United Kingdom, Australia, Mexico, Brazil, and Japan. Locate your local office at: international.cengage.com/region Cengage Learning products are represented in Canada by Nelson Education, Ltd. For your lifelong learning solutions, visit course.cengage.com Visit our corporate website at cengage.com. Some of the product names and company names used in this book have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufacturers and sellers. Microsoft and the Office logo are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Course Technology, a part of Cengage Learning, is an independent entity from the Microsoft Corporation, and not affiliated with Microsoft in any manner. Any fictional data related to persons or companies or URLs used throughout this book is intended for instructional purposes only. At the time this book was printed, any such data was fictional and not belonging to any real persons or companies. Course Technology and the Course Technology logo are registered trademarks used under license. Course Technology, a part of Cengage Learning, reserves the right to revise this publication and make changes from time to time in its content without notice. The programs in this book are for instructional purposes only. They have been tested with care, but are not guaranteed for any particular intent beyond educational purposes. The author and the publisher do not offer any warranties or representations, nor do they accept any liabilities with respect to the programs. Printed in the United States of America

3 chapter 1 Introduction to Windows Server 2008 After reading this chapter and completing the exercises, you will be able to: Identify the key features of each Windows Server 2008 edition Understand client systems that can be used with Windows Server 2008 Identify important general features of Windows Server 2008 Plan a Windows Server 2008 networking model Understand and implement networking protocols used by Windows Server

4 2 Chapter 1 Introduction to Windows Server 2008 Microsoft Windows Server systems are at the core of information access, productivity, and entertainment all over the world. Chances are that you access a Windows server when you purchase music on the Internet, open a spreadsheet at work, watch a movie on a plane, or send an . Windows Server 2008 is Microsoft s newest server platform that offers more roles for servers, better security, easier server management, and more reliable computing than its predecessors. This book is intended to give you a solid grounding in how to install and use Windows Server 2008 for all types of computing situations. In this chapter, you begin your journey by learning about the different Windows Server 2008 platforms, from the Standard Edition to the Itanium-based version. You also learn how Windows Server 2008 works in tandem with client desktop systems such as Windows Vista and Windows 7. Windows Server 2008 incorporates many new features, which you learn about in this chapter and go on to master in later chapters. After exploring the features, you review the networking models used by Windows Server 2008, from peer-to-peer to server-based networking. Finally, you learn how to implement protocol communications for effective Windows Server 2008 networking. Windows Server 2008 Platforms Servers have a wide variety of uses designed to match the needs of a variety of users from small businesses to international corporations. They are also finding their way into homes and home offices. Because one size does not fit all needs, it is important to offer different types of server operating systems. Windows Server 2008 comes in eight versions. All versions are built on the same foundation, but offer unique capabilities to suit a home office or a business with branches all over the world. The Windows Server 2008 platforms are as follows: Windows Server 2008 Standard Edition Windows Server 2008 Enterprise Edition Windows Web Server 2008 Windows Server 2008 Datacenter Edition Windows Server 2008 for Itanium-Based Systems Windows Server 2008 Standard Edition without Hyper-V Windows Server 2008 Enterprise Edition without Hyper-V Windows Server 2008 Datacenter Edition without Hyper-V These platforms are discussed in the next sections. In addition to these basic editions, Microsoft offers a specialized Windows Server 2008 version called Windows High-Performance Computing (HPC) Server Windows HPC Server 2008 is designed to use with clusters (multiple computers working in tandem) of high-performance computers that offer supercomputing capabilities. Windows Server 2008 Standard Edition Windows Server 2008 Standard Edition is the most basic server version on which the other versions are based. It is designed to meet the everyday needs of small to large businesses. Standard Edition provides file and print services, secure Internet connectivity, and centralized management of network resources. This platform is built on technology from previous Windows Server systems, such as Windows Server 2003, but includes many new features. Also, the program coding of existing features is enhanced for security and efficiency. A small company or a department in a larger company might use Windows Server 2008 Standard Edition to manage its accounting and payroll software, for example. A medium-sized or large

5 Windows Server 2008 Platforms 3 company might use it to manage or network resources. Small to large companies might use Standard Edition to manage users access to application software, such as Microsoft Office. Windows Server 2008 can be used on x86 and x64 computers, which is true of all editions of Windows Server An x86 computer has a 32-bit processor and is based on the architecture of the original processor family. Intel, Advanced Micro Devices (AMD), and VIA manufacture x86-compatible processors. An x64 computer uses a 64-bit processor in personal computers and servers for faster, industrial-strength processing and is also manufactured by Intel, AMD, and VIA. In Standard Edition, an x86 server can use up to 4 GB of RAM whereas an x64 server can have up to 32 GB bit and 64-bit refer to the number of bits the processor can receive and transmit at one time (in parallel). Because a 64-bit computer can transport twice as many bits at one time, it is faster than a 32-bit processor (depending on the ability of the operating system to take advantage of 64-bit processing). Also, a 64-bit processor can handle more RAM than a 32-bit processor (again depending on the capabilities of the operating system). Starting with Windows Server 2008 Release 2 (R2), Microsoft is now creating operating systems written only for 64-bit processors. Windows 7 can still be used on 32-bit processors, but it is optimized for 64-bit machines. Standard Edition provides basic server elements that enable file and printer sharing, essential network services, application sharing, and other server services. In addition to x86 and x64 processors, Standard Edition supports multiprocessor computers and multiprocessor clients. A multiprocessor computer is known as a symmetric multiprocessor (SMP) computer, which is a computer that uses more than one processor. For companies that develop their own software, all editions of Windows Server 2008 are compatible with the common language runtime used in Microsoft.NET Framework and Microsoft Visual Studio.NET, and Windows Server 2008 enables computer programmers to develop and use program code in several programming languages. Included with Standard Edition is Hyper-V. Hyper-V enables Windows Server 2008 to offer a virtualization environment, which is a way to run more than one operating system on a single computer at the same time. Historically, organizations have used multiple servers for different operating systems, such as one server for Windows Server 2003, one for Windows Server 2008, and one for Linux. The disadvantage of this approach is the cost of multiple computers. In organizations that require tens or hundreds of servers, the hardware costs rise fast. Also, additional costs are associated with housing the computers in temperature-controlled computer rooms, including the cost of security and cooling the machines. Virtualization offers a way to cut costs by using fewer computers. The advantages of Hyper-V compared with Microsoft s earlier Virtual Server 2005 R2 include the following capabilities: Can run 32-bit and 64-bit operating systems at the same time Can run on SMP computers Can access larger memory segments When you purchase Windows Server 2008 Standard Edition, you can select whether to have Hyper-V included (but currently Hyper-V only runs on x64 computers). Windows Server 2008 Enterprise Edition Windows Server 2008 Enterprise Edition is designed to meet the everyday needs of networks with applications and Web services requiring high-end servers and a high level of productivity. It is intended for midsized and large organizations that want the option to continue scaling their server operations upward. Enterprise Edition also has more management and consolidation features for company-wide software applications.

6 4 Chapter 1 Introduction to Windows Server 2008 Medium-sized to large organizations might use this platform to host large-scale accounting, manufacturing, or inventory systems. A college might use this platform for a student information or registration system. A bank might take advantage of this platform because of its reliability and availability. Enterprise Edition supports both x86 and x64 computers. On an x86 computer, it supports up to 64 GB of RAM and on an x64 computer, it supports up to 2 terabytes (TB; a terabyte is about 1024 GB or one trillion bytes). Enterprise Edition also can handle SMP computers. Windows Server 2008 Enterprise Edition enables clustering. Clustering is the ability to increase the access to server resources and provide fail-safe services by linking two or more discrete computer systems so they appear to function as though they are one (see Figure 1-1). An immediate advantage of server clustering is the increase in computer speed to complete server tasks faster. Also, server clustering provides more computing power for handling resource-hungry applications. With clustering, as an organization adds more users and requires more demanding applications, one or more computers can be added to the cluster to handle the growth. This is a faster, less-expensive approach than having to purchase a larger computer and transfer users and applications to a new system because the old one is overwhelmed. Enterprise Edition supports clusters of up to 16 computers. Clustered servers acting as one Windows Server 2008 Windows Server 2008 Desktop computer Windows Server 2008 Connecting hub Desktop computer Desktop computer Figure 1-1 Three servers acting as one in a cluster Courtesy Course Technology/Cengage Learning Laptop computer Desktop computer Another advantage of Enterprise Edition is that it supports hot-add memory. Hot-add memory is the ability to add RAM without shutting down the computer or operating system. In addition to this capability, Enterprise Edition has fault tolerant memory sync, which enables memory to resynchronize after transient memory problems so there is no interruption to current

7 Windows Server 2008 Platforms 5 computing activities. This is an important feature because it is estimated that memory errors occur up to 100 times more frequently than memory failures. Some enterprise networks have servers with different operating systems and directory services. Enterprise Edition provides Microsoft Metadirectory Services to facilitate multiple directory services to track and manage access to such resources as user accounts, shared folders, and shared printers. This means less work for users because they can use one account to log on to all servers, instead of having different accounts for different operating systems. Simplifying access for users in this way also simplifies the work of server administrators. Yet another option in Enterprise Edition is the ability to have unlimited numbers of users remotely access a server. In Standard Edition, remote access is limited to 250 connections or fewer, depending on the type of access. 1 Windows Web Server 2008 Windows Web Server 2008 is designed for hosting and deploying Web services and applications. For scalability, this platform supports multiple processors. Windows Web Server 2008 is particularly optimized to run Microsoft Internet Information Services. Small to large companies, or departments within an organization that develop and deploy a single Web site, are examples of the intended users of this platform. They can employ it to develop a Web site that takes advantage of the.net Framework tools and XML Web services. Windows Web Server 2008 can be used on x86 and x64 computers. It supports up to 4 GB of RAM on an x86 computer and up to 32 GB on an x64 computer. A limitation of Windows Web Server 2008 is that it cannot be used to manage directory resources via hosting Active Directory, a function that is available to all other Windows Server 2008 platforms (you ll learn more about Active Directory later in this chapter). Windows Web Server 2008 also does not support some of the extra capabilities of Enterprise Edition. For example, it does not support clustering, hot-add memory, fault-tolerant memory sync, or Metadirectory Services. Further, Windows Web Server 2008 does not come with Hyper-V. Windows Server 2008 Datacenter Edition Windows Server 2008 Datacenter Edition is designed for environments with mission-critical applications, very large databases, and information access requiring high availability. This platform offers support for clustering with up to 16 computers. Also, for SMP computers it supports from 2 to 64 processors. Datacenter Edition enables hot-add memory for increased server availability and adds two other capabilities: hot-add processor and hot-replace processor. Hot-add processor means that a processor can be added to an empty processor slot while the system is running. With hotreplace processor, you can replace a processor in an SMP system without taking the system down. At this writing, Microsoft licensing includes a per-processor charge for the Datacenter Edition and the Itanium-Based Systems Edition. The RAM capabilities for the Datacenter Edition are identical to Enterprise Edition at 64 GB for x86 processor computers and 2 TB for x64 processor computers. Windows Server 2008 Datacenter Edition is designed for large database applications in any organization. A university alumni association might use it to house a database that tracks information on thousands of alumni all over the world. A large company might use it for an integrated accounting system that stores information in a complex database. A national investment firm might use it to track and manage the investment holdings of its customers. Windows Server 2008 for Itanium-Based Systems Microsoft also offers a Windows Server 2008 edition intended for use on Intel Itanium computers. An Itanium processor is a 64-bit processor that uses a design different than typical x86 and x64 processors, which allows it to process more instructions per processor cycle. Both 32-bit and 64-bit applications can be run on an Itanium computer.

8 6 Chapter 1 Introduction to Windows Server 2008 The design of an Itanium processor enables it to be scaled up to 512 processors and handle one petabyte (PB) of RAM (1024 TB). However, the maximum RAM supported by Windows Server 2008 for Itanium-Based Systems is 2 TB. The Itanium-Based Edition supports hot-add memory, hot-add processor, hot-replace processor, and SMP computers. This edition also supports server clustering for up to eight servers in one cluster. An Itanium system is intended for resource-intensive applications. For example, it might be used for an accounting system at a large corporation. Another example is as a server for research scientists who do resource-intensive computing. Another possible application is for an organization that has a large Web site accessed by a huge population, such as a Web site used by students at a university to access student information systems and . Because the Itanium processor is so scalable, it is also a good candidate for a company that is starting out but anticipates rapid growth, such as one offering new Internet-wide Web search engine capability. Windows Server 2008 Versions Without Hyper-V It is not necessary to pay extra for Hyper-V if your organization has no need for it. The following non-hyper-v versions of Windows 2008 are available: Windows Server 2008 Standard Edition without Hyper-V Windows Server 2008 Enterprise Edition without Hyper-V Windows Server 2008 Datacenter Edition without Hyper-V When you purchase a version without Hyper-V, the cost savings is very small. If your organization is growing or its computer strategy might change in the next few years, purchasing a Windows Server 2008 version with Hyper-V can save money and installation headaches in the future. Table 1-1 summarizes the minimum recommended hardware requirements for each of the Windows Server 2008 editions. Table 1-1 Minimum hardware requirements for the Windows Server 2008 editions Hardware Standard Edition Enterprise Edition Web Server Datacenter Edition Itanium-Based Edition CPU Disk space RAM 1 GHz (x86) 1.4 GHz (x64) (2 GHz or faster is recommended) 10 GB (40 GB or more recommended) 512 MB (2 GB or more recommended)* 1 GHz (x86) 1.4 GHz (x64) (2 GHz or faster is recommended) 10 GB (40 GB or more recommended) 512 MB (2 GB or more recommended)* 1 GHz (x86) 1.4 GHz (x64) (2 GHz or faster is recommended) 10 GB (40 GB or more recommended) 512 MB (2 GB or more recommended)* 1 GHz (x86) 1.4 GHz (x64) (2 GHz or faster is recommended) 10 GB (40 GB or more recommended) 512 MB (2 GB or more recommended)* Intel Itanium 2 10 GB (40 GB or more recommended) 512 MB (2 GB or more recommended)* Drive DVD DVD DVD DVD DVD Display Super VGA or better Super VGA or better Super VGA or better Super VGA or better Super VGA or better Interactive devices Keyboard and pointing device Keyboard and pointing device Keyboard and pointing device Keyboard and pointing device Keyboard and pointing device *On x86 systems, the RAM maximums are 4 GB for Standard and Web Server 2008 and 64 GB for Enterprise and Datacenter Editions. On x64 systems, the RAM maximums are 32 GB for Standard and Web Server 2008 and 2 TB for Enterprise and Datacenter Editions. For Itanium-based systems, the RAM maximum is 2 TB. You can do the hands-on activities in this book from a Windows Server 2008 server with or without virtualization. If you are not working from a virtual server, just follow the steps as written. If you are using a virtual server, such as Hyper-V, you first need to access the server from within the virtual environment. The following steps show how to start and access a Hyper-V virtual server that is already installed. You learn how to install a virtual server in Microsoft Hyper-V in Chapter 2, Installing Windows Server 2008.

9 Windows Server 2008 Platforms 7 To access a virtual server in Microsoft Hyper-V, follow these general steps: 1. Click Start, point to Administrative Tools, and click Hyper-V Manager. 2. In the middle pane of the Hyper-V Manager window, click the server, such as Windows If the server is not already started, click the Action menu and click Start (otherwise skip to Step 5). 4. Wait for the server to start up. 5. If necessary, double-click the name of the server in the middle pane to open its working window, which is the Virtual Machine Connection window. 6. When you see the screen that says Press CTRL1ALT1DELETE to log on (don t press CTRL1ALT1DELETE yet), click the Action menu under the title bar and click CTRL1ALT1DELETE. 7. Log on using your account and password, and click the right-pointing arrow. 8. Click the Maximize square in the upper-left corner of the window to go into the full screen mode (you ll see a yellow bar at the top). 9. Whenever you are finished (and logged off your account) and want to leave the full screen mode, click the Restore Down (two boxes) button in the yellow bar. 10. Close the Virtual Machine Connection window. 11. If you want to shut down the server, click the server in the middle pane, click the Action menu, and click Shut Down. Or, to leave the server running, skip to Step Close Hyper-V Manager. 1 Some steps in the activities in this book include bulleted questions with space for you to record your responses/answers. Activity 1-1: Determining the Windows Server 2008 Edition Time Required: Approximately 5 minutes Objective: Determine the Windows Server 2008 edition installed on a computer. Description: A computer room might have only a few or hundreds of servers. Sometimes it is important for a server administrator to verify which edition of Windows Server 2008 is running on a particular server. In this activity, you learn how to make a quick determination. You will need a server account provided by your instructor or server administrator. 1. Log on to Windows Server 2008 using your account. 2. Click Start, right-click Computer, and click Properties. 3. The window that is displayed provides basic information about the computer system. 4. Under the Windows edition section, you ll see the edition of Windows Server 2008, such as Windows Server Enterprise, as shown in Figure 1-2. Which version of Windows Server 2008 is installed on your computer? Record your answer in the space below. 5. Notice the other information available in this window. How much RAM is in the computer? Is the computer running an x86 or x64 version of Windows Server 2008? Record your answer below. 6. Close the System window.

10 8 Chapter 1 Introduction to Windows Server 2008 Figure 1-2 Viewing information about the Windows Server 2008 system Courtesy Course Technology/Cengage Learning Using Windows Server 2008 with Client Systems The client workstation operating systems most compatible with Windows Server 2008 are Windows Vista and Windows 7. A client is a computer that accesses resources on another computer via a network or direct cable connection; a workstation is a computer that has its own central processing unit (CPU) and can be used as a stand-alone or network computer (often used for a combination of word-processing, spreadsheet, scientific, and other individual applications). The overall goal of Microsoft is to use the Windows Server 2008 platforms and Windows Vista or more preferably Windows 7 on the same network to achieve a lower TCO. The total cost of ownership (TCO) is the full cost of owning a network, including hardware, software, training, maintenance, and user support costs. Windows 7 is designed to replace Windows Vista as a more reliable and secure workstation operating system to be used in a business environment in a peerto-peer network or as a member of a domain. A domain is a grouping of network objects, such as computers, servers, and user accounts, that provides for easier management. Computers and users in a domain can be managed to determine what resources they can access, such as printers and shared folders. A domain is given a name, such as Microsoft.com for Microsoft. In addition, computers within a domain are given a unique name, which often parallels the name of a user, such as Brown, or is a favorite name or word, such as antelope or popcorn. You learn more about domains in Chapter 4, Introduction to Active Directory and Account Management. Recognizing that professionals are highly mobile, Windows Vista and Windows 7 are designed to work equally well on a desktop computer or on a laptop computer. In terms of networking advancements, Windows 7 is the operating system of choice because it offers the most advantages and new features, including: More effective capabilities and diagnostics to recover from many types of network communications problems Less overall memory use than Vista and runs background services more efficiently

11 Windows Server 2008 Features 9 Newly written code for more efficient network communications and leaner operations Greater compatibility with new hardware and software Security enhancements built to improve upon Windows Vista and compatible with the National Institute of Standards and Technology (NIST) Evaluation Assurance Level 4, which is an upper-level security certification AppLocker to enable organizations to manage how applications are used on network clients Improved use of Windows PowerShell commands and scripts for greater compatibility with PowerShell in Windows Server 2008 (you learn more about Windows PowerShell later in this chapter) 1 Windows Server 2008 is intended to play a key management role on a network by hosting Active Directory a database of computers, users, groups of users, shared printers, shared folders, and other network resources and by offering a multitude of network services. Windows 7 offers the best compatibility with the newest version of Active Directory in Windows Server By combining Windows 7 client workstations and Windows Server 2008 under the management of Active Directory, it is possible to centralize security, applications, application updates, and automated client configuration via a server, thus reducing the TCO. Another Microsoft long-term objective is to encourage users to convert all workstation operating systems on a network to Windows 7, because the TCO for Windows 7 is less than for other workstation operating systems such as Windows XP and even Windows Vista. The TCO is less because Windows 7 is able to use automated installation, configuration, desktop, and management policy features controlled through Windows Server Also, although Windows XP and Windows Vista support Active Directory, they don t support some newer elements. Many desktop configuration settings (including software deployment) can be automated from Windows Server 2008 to Windows 7, so that the user can set up a client workstation with less technical knowledge or assistance. Windows Vista supports more Active Directory management features than its predecessor Windows XP. Although Windows Vista and Windows XP don t support some of the new Active Directory and other Windows Server 2008 or Windows Server 2008 R2 features, they still support most of them and can compose a very functional network as clients to Windows Server 2008 or Windows Server 2008 R2. You learn more about Windows Server 2008 R2 in Appendix B, Windows Server 2008 Release 2 Enhancements. In addition to Windows clients, Windows Server 2008 supports UNIX and Linux clients using the Subsystem for UNIX-based Applications (SUA). For a UNIX or Linux client, SUA creates a multiuser environment complete with commands, case-sensitive abilities (important to UNIX/Linux), programming tools, shells (runtime environments), and scripts. With SUA installed, even UNIX/Linux programs can be ported over to Windows Server Scripts are files that contain commands to be run by a computer operating system. Scripts save time because commands don t have to be typed individually by the user each time a particular set of activities needs to be accomplished, such as adding new data to a file. Windows Server 2008 Features Windows Server 2008 offers many features that make it a solid server and network operating system. The following list is a sampling of features in Windows Server 2008 that deserve special focus: Server Manager Security

12 10 Chapter 1 Introduction to Windows Server 2008 Clustering Enhanced Web services Windows Server Core Windows PowerShell Virtualization Reliability Multitasking and multithreading Each of these features is introduced in the sections that follow. You will learn more about these features as you continue through this book. Server Manager Windows Server 2008 comes with a new tool called Server Manager. Server Manager enables the server administrator to manage critical configuration features from inside one tool. In earlier versions of Windows Server, you might have to look in several places to do different tasks. Server Manager puts the management tasks together in one place. For example, if you configure several parameters during the initial installation and later decide to modify some of those settings, it s likely you can modify them all in Server Manager. Server Manager is used to: View computer configuration information. Change properties of a system. View network connections. Configure Remote Desktop. Configure security, including the firewall and how to obtain updates. Configure a multitude of server roles, from a basic file server to advanced network services. Add and remove features. Run diagnostics. Manage storage and backups. In many cases, when the administrator selects a management function, Server Manager starts a wizard for step-by-step guidance through the task. Wizards are helpful for learning tasks and for reducing configuration errors. Server Manager is particularly useful for beginning and intermediate administrators, but also centralizes common tasks for advanced administrators. Security Windows Server 2008 is built to be more secure than previous Windows Server systems. One important feature that enables this to happen is Network Access Protection (NAP). NAP is an umbrella of security protection features that monitor and manage a server and its clients. As attackers and malicious software become more sophisticated, so must managing a server to block their attacks. NAP has the following capabilities: Identifies clients and other computers on a network that do not comply with the security policies set through Windows Server 2008 Limits access by noncompliant computers, such as by not allowing access to resources, not permitting logon, or by quarantining a noncompliant computer to specific resources or portions of a network Automatically updates or configures a noncompliant computer to match the security policies required for access, such as by changing policy settings on the client or updating the client operating system to have the latest security patches Continuously checks throughout the entire network and server connection session to ensure that computers remain in compliance, even after they have been given access to the network, server, and resources