 |
Home
•
Contact
•
Services
•
Support
|
Tech Solutions |
||
 Upgrades Data Recovery Maintenance Security Networks Websites Custom Systems• Location Service • 24/7 Help |
||
 |
 |
|
 |
Philadelphia Computer Tech Support |  | ||||||||||
|
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 - This chapter examines Windows 2000’s distributed security services in detail, with the focus on how intimately the security and directory services are intertwined, and how Active Directory’s objects can be secured in a granular manner that was never possible in Windows NT. It also looks at the security protocols themselves, and the role and function of each. Finally, the chapter addresses the special area of Internet security, and the added level of protection from unauthorized outside access provided by the Windows 2000 distributed security subsystem. Windows 2000 Distributed Security Services What exactly are these security services that are distributed throughout the network, and how do they work together to ensure more robust protection for user passwords and other confidential data? A number of security features, which together make up the distributed security services, are built into Windows 2000: • Active Directory security. This includes the new concept of transitive trusts, which allows user account authentication to be distributed across the enterprise, as well as the granular assignment of access rights and the new ability to delegate administration below the domain level. • Multiple security protocols. Windows 2000 implements the popular Kerberos security protocol, supports Public Key Infrastructure (PKI), and has backward compatibility with NT through the use of NTLM. • Security Support Provider Interface (SSPI). This component of the security subsystem reduces the amount of code needed at the application level to support multiple security protocols by providing a generic interface for the authentication mechanisms that are based on shared-secret or public key protocols (see Chapter 9, “The Security Support Provider Interface,” for a more detailed explanation of these protocols). • Secure Socket Layer (SSL). This protocol is used by Internet browsers and servers, and is designed to provide for secure communications over the Internet by using a combination of public and secret key technology. • Microsoft Certificate Server. This service was included with IIS 4.0 in the NT 4.0 Option Pack and has been upgraded and made a part of Windows 2000 Server. It is used to issue and manage the certificates for applications that use public key cryptography to provide secure communications over the Internet, as well as within the company’s intranet. • CryptoAPI (CAPI). As its name indicates, this is an application programming interface that allows applications to encrypt data using independent modules known as cryptographic service providers (CSPs), and protects the user’s private key data during the process. • Single Sign-On (SSO). This is a key feature of Windows 2000 authentication, which allows a user to log on the domain just one time, using a single password, and authenticate to any computer in the domain, thus reducing user confusion and improving efficiency, and at the same time decreasing the need for administrative support. As a network administrator, you are probably not most concerned with the intricacies of how the various cryptographic algorithms work (although that can be an interesting sideline course of study, especially if you are mathematically inclined). This jumble of acronyms can be used to keep your organization’s sensitive data secure. This chapter emphasizes just that—combining the distributed security services of Windows 2000 in a way that balances security and ease of accessibility in your enterprise network. 01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 - |
||||||||||||
| | |||||||||||
|
|
|||
Serving the Philadelphia area with the best in tech service and support.
-Chain of wireless stores robbed 12 times in 29 days (Philadelphia Daily News)
When Texas-based MetroPCS Communications Inc. announced plans in July to launch stores in Philadelphia the company touted its "affordable worry-free" wireless services. The company apparently failed to mention a more dubious store feature: Easy-to-rob.
-That's About the Size of Things (Philadelphia Weekly)
BY PW Staff / HYPERLINK "mailto:feedback@philadelphiaweekly.com" feedback@philadelphiaweekly.com The big and small moments of 2008 in Philadelphia. photo/art credit: Jeff fusco photo/art credit: Jeff fusco photo/art credit: Jeff fusco That's About the Size of Things The big and small moments of 2008 in Philadelphia. -- The year began with a bang in Philadelphia. ...
-We're open : New businesses bring life to plaza at Rogers intersection (NWAnews.com)
With an estimated 21 percent of new-construction commercial and office space unoccupied in Benton and Washington counties the fact that the retail plaza at 4500 W. Walnut St. sat nearly empty for the better part of two years was hardly surprising or out of the ordinary. Even with the constant traffic flow in that area just east of Interstate 540 near the Scottsdale Center times are tough and ...
-Stocks Showing A Lack Of Direction In Morning Trading - U.S. Commentary (Nasdaq)
(RTTNews) - With traders expressing some uncertainty about the outlook for the markets stocks have shown a lack of direction over the course of morning trading on Thursday. The major averages have been bouncing back and forth across the unchanged line unable to sustain any significant moves.
Updated 656 minutes ago.
Tech Philly Custom Systems Data Recovery Emergency Service Maintenance Network Service Onsite Service Repair Security Software Spyware Upgrades Viruses Website Design Website Hosting Wireless Computer