Term
|
Definition
Dynamic Host Configuration Protocol
Client/server protocol that enables configured client computers to obtain IP addresses automatically.
The IP information obtained might include the following:
- IP addresses
- Subnet masks
- Gateway addresses
- DNS server addresses
- Other advanced options
The DHCP Server service provides the following benefits:
- Reliable IP address configuration
- Reduced network administration
|
|
|
Term
|
Definition
Before a DHCP server can start leasing IP addresses to client computers, the following steps must be performed:
1. Install the DHCP service
2. Configure an IP scope
3. Activate the scope
4. Authorize the server
5. Configure advanced IP options (optional) |
|
|
Term
|
Definition
DHCP sessions use a four-step process known as DORA.
1.Discovery: The client sends a broadcast to the network to find a DHCP server.
2.Offer: The DHCP server sends a unicast “offering” of an IP address to the client.
3.Request: The client broadcasts to all servers that it has accepted the offer.
4.Acknowledge: The DHCP server sends a final unicast to the client that includes the IP information the client will use.
DHCP utilizes ports 67 and 68. |
|
|
Term
|
Definition
Automatic Private IP Addressing
Service for assigning unique IP addresses on small office/home office (SOHO) network without deploying the DHCP service.
APIPA can get in the way of a client obtaining an IP address properly (e.g., when a client attempts to obtain an IP address from a DHCP server, but the DHCP server is too busy). |
|
|
Term
|
Definition
Formerly known as Terminal Services, is a type of thin-client terminal server computing.
DS enables
- virtual desktop infrastructure (VDI)
- session-based desktops, and applications, allowing users to work anywhere.
Thin-client computers and PCs can connect to servers running Remote Desktop Services. |
|
|
Term
Routing and Remote Access Service (RRAS) |
|
Definition
Supports remote user or site-to-site connectivity by using virtual private network (VPN) or dial-up connections.
RRAS consists of the following components:
Remote Access By using RRAS
You can deploy VPN connections to provide end users with remote access to your organization's network.
You can also create a site-to-site VPN connection between two servers at different locations.
Routing RRAS is a software router and an open platform for routing and networking. It offers routing services to businesses in local area network (LAN) and wide area network (WAN) environments or over the Internet by using secure VPN connections.
Routing is used for
- multiprotocol LAN-to-LAN
- LAN-to-WAN
- VPN
- Network address translation (NAT) routing services.
Microsoft RRAS was formerly known as Remote Access Service (RAS) |
|
|
Term
Internet Protocol Security IPSec |
|
Definition
Protocol within the TCP/IP suite that encrypts and authenticates IP packets.
Ensures private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services.
Designed to secure any application traffic because it resides on the network layer (or Internet layer for the TCP/IP reference model).
Used in conjunction with virtual private networks and is an integral part of IPv6.
IPsec has been defined to work in two different modes: Tunnel mode
Most often used for site-to-site VPN connections Transport mode
Most often used for securing IP traffic on private networks |
|
|
Term
IPSec Protocol Types Authentication Header (AH) |
|
Definition
Requirement
The data and the header need to be protected from modification and authenticated, but remain readable.
Usage
Use for data integrity in situations where data is not secret but must be authenticated.
For example, where access is enforced by IPSec to trusted computers only, or where network intrusion detection, QoS, or firewall filtering requires traffic inspection. |
|
|
Term
IPSec Protocol Types Encapsulating Security Payload (ESP) |
|
Definition
Requirements
Only the data needs to be protected by encryption so it is unreadable, but the IP addressing can be left unprotected
Usage
Use when data must be kept secret, such as file sharing, database traffic, RADIUS protocol data, or internal Web applications that have not been adequately secured by SSL. |
|
|
Term
IPSec Protocol Types Both AH and ESP |
|
Definition
Requirements
The header and data, respectively, need to be protected while data is encrypted.
Usage
Use for the highest security.
However, there are very few circumstances in which the packet must be so strongly protected. When possible, use ESP alone instead. |
|
|
Term
|
Definition
Worldwide service that resolves host names to IP addresses.
DNS architecture is a hierarchical distributed database and an associated set of protocols that define:
• A mechanism for querying and updating the database • A mechanism for replicating the information in the database among servers
• A schema of the database DNS is part of the application layer of the TCP/IP reference model DNS servers use inbound port 53 to accept name resolution requests |
|
|
Term
Windows Internet Name Service (WINS) |
|
Definition
Service that resolves NetBIOS names to IP addresses.
WINS is required for any environment in which users access resources that have NetBIOS names.
It is Microsoft’s version of the NetBIOS Name Service (NBNS) combined with a name server.
If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name unless you use Lmhosts files, and you might be unable to establish file and print sharing connections.
WINS and DNS are both name resolution services for TCP/IP networks. |
|
|
