Chapter 8. Controlling Remote Communications with Microsoft Routing and Remote Access Service

Secure remote access to information systems is no longer optional. Organizations must share and collate data, communicate information, and provide alternative work locations for employees. Branch office locations, partner projects, telecommuters, and traveling employees all require access from outside the network perimeter. You can use the Windows Routing and Remote Access Service (RRAS) and/or its earlier incarnation, Remote Access Services (RAS), to provide this access. RRAS on Windows Server 2003 and Windows 2000 provides the following capabilities:

  • Basic routing services

  • Dial-up access

  • Virtual Private Network (VPN) services

  • Network Address Translation (NAT)

  • Protocol Filtering (basic firewall services)

  • Remote access policies

Tip

The desktop version of Windows offers a limited version of RAS in which a single remote access connection can be configured for any given computer running the OS. Employees can connect from home or on the road directly to their desktops at work, if a modem and the proper phone connection are available. Most security experts agree, however, that allowing this type of connection is not a sound practice. Their reasoning is that these machines act as unmanaged (and very possibly unprotected) back doors into the network. One of the cardinal rules of network security is to provide as few external connections as possible, so that these chokepoints can be monitored and ...
