Windows 2012 Server Network Security Securing Your Windows Network Systems and Infrastructure Derrick Rountree Richard Hicks, Technical Editor AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO ELSEVIER Syngress is an Imprint of Elsevier
- Contents DEDICATION ACKNOWLEDGMENTS ABOUT THE AUTHOR ABOUT THE TECHNICAL EDITOR PREFACE ix xi xiii xv xvii CHAPTER 1 Introduction 1 Intro to Windows 8 and Windows Server 2012 1 Server Manager 1 Powershell 6 Intro to IPv6 6 IPv6 Architecture 7 Summary 10 CHAPTER 2 Network Infrastructure 11 Introduction 11 DHCP 11 DHCP Overview 11 DHCP Installation and Initial Configuration 12 Initial DHCP Configuration 16 Protecting Your DHCP Environment 18 DNS 26 DNS Overview 26 DNS Installation and Initial Configuration 26 Protecting Your DNS Environment 32 WINS 37 WINS Overview 38 WINS Feature Installation and Initial Configuration 39 Protecting Your WINS Environment 40 Summary 44 CHAPTER 3 Securing Network Access Introduction 45 45 v
General Network Settings 45 Network Discovery 45 Network Location 46 Wireless Security 47 Wireless Properties 47 Security Types 47 Wireless Encryption 48 Windows Firewall 49 Network Profiles 49 Windows Firewall Configuration 51 Windows Firewall with Advanced Security 53 IPSEC 64 IPSec Overview 65 Configuring IPSec 67 IPSec Monitoring in Windows Firewall with Advanced Security 72 Windows 8 Resource Sharing 74 HomeGroup 74 Advanced Sharing Settings 75 Windows Server 2012 Resource Sharing 80 Summary 87 CHAPTER 4 Secure Remote Access 89 Introduction 89 TELNET 90 Telnet Server 90 Telnet Client 91 Remote Desktop Services 92 Remote Desktop on Windows 8 92 Remote Desktop Services Role on Windows Server 2012 94 Remote Desktop Connection Client 99 Remote Access Role 107 Remote Access Role Installation and Configuration 107 DirectAccess 112 VPN 112 Network Policy and Access Services 114 NPAS Installation and Configuration 114 Network Policy Server 118 Health Registration Authority 120 Host Credential Authorization Protocol 121 Summary 121
CHAPTER 5 Internet Connection Security 123 Internet Explorer Security 123 Domain Highlighting 124 Frequently Visited Sites 124 Safety Features 125 Internet Options 130 General 132 Security 13V Privacy 155 Content 158 Connections 161 Programs 162 Advanced 165 CHAPTER 6 Network Diagnostics and Troubleshooting 167 Task Manager 16V Processes 168 Performance Tab 169 App History Startup Users Services 1V2 1V2 1V3 1V3 Resource Monitor 173 Resource Monitor Overview Tab 175 Resource Monitor Network Tab 177 Performance Monitor 178 Data Collector Sets 178 Event Viewer 182 Windows Logs 182 Applications and Services Logs 184 Network Monitor 185 Summary 185 CHAPTER 7 Network Tools and Utilities 187 Introduction 187 Local Security Policy 187 Local Policies 188 Network List Manager Policies 192 IP Security Policies on the Local Computer 193 Advanced Audit Policy Configuration 196 Group Policy 199
Computer Configuration > Policies > Windows Settings 199 Computer Configuration > Policies > Administrative Templates: Policy Definitions (ADMX Files) Retrieved from the Local Computer 200 Computer Configuration > Preferences > Windows Settings 200 Computer Configuration > Preferences > Control Panel Settings 201 User Configuration > Policies > Windows Settings 201 User Configuration > Policies > Administrative Templates 201 Computer Configuration > Preferences > Windows Settings 201 Computer Configuration > Preferences > Control Panel Settings 201 Security Configuration Wizard 201 Using the Security Configuration Wizard 202 Command-Line Tools 219 Ipconfig 219 Ping 220 Tracert 220 Netstat 221 NBTStat 222 ARP 222 Getmac 222 NET 223 Pathping 224 Route 224 NETSH 225 PowerShell Commands 227 General Networking 227 Network Management 228 Other Relevant Tools 228 PortQry 228 Microsoft Security Compliance Manager 229 Microsoft Baseline Security Analyzer 229 Enhanced Mitigation Experience Toolkit 229 Attack Surface Analyzer 229 Summary 229 INDEX 231