Chapter 1: Designing a TCP/IP Network
Table 1.1: Supernetted Block of Addresses
Table 1.2: CIDR Routing Table Entry
Table 1.3: IPv6 Features Supported by Windows Server 2003 IPv6
Table 1.4: Server Applications Supported by Windows Server 2003 IPv6
Table 1.5: IPv4 and IPv6 Node Types
Table 1.6: Leading Zero Suppression and All-Zero Contiguous Block Compression
Table 1.7: Fields in a Unicast Global Address
Table 1.8: Examples of ISATAP addresses
Table 1.9: Fields in a Multicast Address
Table 1.10: Differences Between IPv4 Addressing and IPv6 Addressing
Chapter 2: Deploying DHCP
Table 2.1: Address Range and Clients per Subnet
Table 2.2: DHCP Address Pools per Subnet
Table 2.3: Example Address Reservations
Table 2.4: Scope Configurations on the DHCP Server at the Main Office
Table 2.5: Scope Configurations on the DHCP Server at the Branch Office
Table 2.6: Example DHCP Options
Chapter 3: Deploying DNS
Table 3.1: DNS Roles
Table 3.2: DNS Namespace Design Requirements
Table 3.3: Mixed Internal and External DNS Namespace Design Options
Table 3.4: Client Proxy Capabilities
Table 3.5: Feature Support in Different Implementations of DNS
Table 3.6: Internet DNS Domain Name Registration
Table 3.7: Character Set Restrictions
Table 3.8: Replication Options for Active Directory-Integrated Zone Data
Chapter 4: Deploying WINS
Table 4.1: NetBIOS Node Types
Chapter 5: Deploying ISA Server
Table 5.1: Determining the ISA Server Installation Mode
Table 5.2: Determining Which Clients to Deploy
Table 5.3: Hardware Requirements for Different Network Loads
Table 5.4: Hardware Requirements for Firewall
Table 5.5: Hardware Requirements for Forward Caching
Table 5.6: Hardware Requirements for Reverse Caching
Table 5.7: Comparing Features of ISA Server as a Stand-Alone Server or as an Array
Chapter 6: Deploying IPSec
Table 6.1: IPSec Security Solutions
Table 6.2: IPSec Transport Mode Uses
Table 6.3: IPSec Tunnel Mode Usage
Table 6.4: General IPSec Policy Settings
Table 6.5: Settings of IPSec Rules
Table 6.6: Equivalent Filters for NoDefaultExempt=0
Table 6.7: Choosing IPSec Protocol Types
Table 6.8: Choosing Authentication Methods
Chapter 7: Deploying IAS
Table 7.1: Comparison of Voluntary and Compulsory Tunneling
Table 7.2: Authentication Protocols That IAS Supports
Table 7.3: Selecting a Certificate Installation Method
Chapter 8: Deploying Dial-up and VPN Remote Access Servers
Table 8.1: Advantages and Constraints of the PPTP and L2TP/IPSec VPN Protocols
Table 8.2: Encryption Support Provided Under CHAP, MS-CHAP, and EAP-TLS
Table 8.3: Encryption Required at Each Encryption Level for PPTP and L2TP/IPSec Connections
Table 8.4: Certificate Infrastructures Required for Remote Access Client Authentication
Table 8.5: VPN Server Behind a Firewall: PPTP Filters on the Firewall''s Internet Interface
Table 8.6: VPN Server Behind a Firewall: PPTP Filters on the Perimeter Network Interface
Table 8.7: VPN Server Behind a Firewall: L2TP/IPSec Filters on the Firewall''s Internet Interface
Table 8.8: VPN Server Behind a Firewall: L2TP/IPSec Filters on the Firewall''s Perimeter Network Interface
Table 8.9: VPN Server in Front of a Firewall: Packet Filters for PPTP
Table 8.10: VPN Server in Front of a Firewall: Packet Filters for L2TP/IPSec
Chapter 10: Connecting Remote Sites
Table 10.1: Comparing a PPTP Solution with an L2TP/IPSec Solution
Table 10.2: Using PPTP and L2TP/IPSec for Different VPN Connections on the Same Network
Table 10.3: Comparing On-Demand and Persistent Connections
Table 10.4: Comparing One-Way and Two-Way Initiated Connections
Table 10.5: Requirements for Using a Third-Party CA
Table 10.6: Choosing a Data Encryption Method
Table 10.7: Encryption Strength by Connection Type
Table 10.8: Example Configuration of Demand-Dial Interfaces and User Accounts for a Two-Way Initiated VPN Connection
Table 10.9: Example Configuration for a Dial-up One-Way Initiated Connection
Table 10.10: New Features for Dial-up or VPN Site-to-Site Connections Since Windows NT Server 4.0 RRAS
Table 10.11: Capacity Planning
Table 10.12: Hardware and Software Requirements for a Demand-Dial Router
Table 10.13: Enabling the Routing and Remote Access Service
Table 10.14: Configuring the Demand-Dial Interface for a Remote Site Connection
Table 10.15: Configuring an Additional Demand-Dial Interface for a Temporary Link to the ISP
Table 10.16: Creating a Common Remote Access Policy by Using the New Remote Access Policy Wizard
Table 10.17: Creating a Custom Remote Access Policy by Using the New Remote Access Policy Wizard
Table 10.18: Configuring the Static Route Dialog Box for a Site-to-Site Connection
Table 10.19: Using the Configure Device Dialog Box to Configure Ports
Chapter 11: Deploying a Wireless LAN
Table 11.1: Example IP Address Allocation for IP Subnet 172.16.50.0/24
Table 11.2: Support for Autoenrollment of Certificates Provided in Windows
Table 11.3: Adding a Remote Access Policy for Wireless Users