Network Infrastructure Considerations For Vpns

VPNs safeguard communications among trusted networks. To style MCTS Certification secure VPNs, the network infrastructure must be element of the style. Network infrastructure contemplate-ations for VPNs incorporate.
The following sections describe the redundancy and network place considerations. VPN placement and protection are discussed in the section “Recommendations for Placing VPN Servers on Networks” later in this lesson. Kinds of VPNs were discussed in Lesson 1 in the “Varieties of VPNs That Operate with Windows Server 2003″ section
Redundancy Considerations
Redundancy is supplied by establishing numerous VPN servers. If a single VPN server fails, client sessions are disconnected. Even so, clients can connect again by making use of a distinct VPN server. To minimize the necessity to configure multiple connectoids (1 for each VPN server), use Network Load Balancing. Nonetheless, do not confuse redundancy with load balancing. Load balancing can be provided through round-robin Domain Name Method (DNS) or clustering.
Round-robin DNS is configured by entering many weighted host records that use the exact same DNS name but a number of IP addresses. This offers load balancing since every request for name resolution will give one of a lot of IP addresses and therefore be directed to a distinct personal computer. Nonetheless, DNS has no way of realizing when a spe?cific VPN server is not readily available. The IP address for a 70-620 that is not obtainable will be provided just as usually as 1 that is.
Network load balancing, a Microsoft clustering technologies that spreads requests for a single IP address among a number of Microsoft Windows servers, can also offer load bal?ancing in addition to scalability and redundancy. If a VPN server fails, client sessions will also fail and the user will be prompted to log on again. The user’s new session will be managed by 1 of the other VPN servers in the cluster. Figure 7-7 shows Microsoft network load balancing.

Firewall configuration is essential. Without having correct configuration, a single or both of two difficulties will exist. First, the VPN targeted traffic, other required site visitors, or both will not be able to pass by means of the firewall. Second, too much access will be granted to your network, thus generating you much more vulnerable to attack. It is not the designer’s job to configure the firewall. Instead, the designer really should provide MCITP Enterprise Administrator the firewall administrator with the infor?mation essential to provide secure remote access.

network infrastructure