数据挖掘CLI331_Steve_Riley.pptVIP

Connecting to a wireless network All Wireless Dialup and VPN Connecting to a wireless network Connecting to a wireless network Open WEP WEP (802.1X) WPA-Personal WPA-Enterprise WPA2-Personal WPA2-Enterprise None WEP TKIP AES Connecting to a wireless network ?2006 Microsoft Corporation. All rights reserved. Windows VistaNetworkingEnhancements Steve Riley Senior Security Strategist, Security Technology Unit steriley@ /steriley CLI 331 Our network security vision The Internet is the network Logically zoned through policy Access controlled by identity and health All communications authenticated Traffic management at the edges and network attachment points Active Directory at the core Un-trusted Isolated and Trusted Unmanaged Devices Remote Access Gateway Seamless Network Provisioning Server New PC Trusted Required authentication X Infrastructure Servers Authenticating Host Firewalls Optional authentication All about the stack Protocols and core networking components Quality of service Wireless Wired 802.1X Retired features No, I will not cover NAP here. There are sessions here at TechEd and plenty of information on Microsoft’s web site. Next-generation stack architecture Performance enhancements Receive window auto-tuning (optimize receiver) Compound TCP (optimize sender) Added specifications for high-loss environments RFC 2582: NewReno mod to TCP fast recovery RFC 2883: Extension to selective ACK option RFC 3517: Conservative SACK-based loss recovery RFC 4138: Detecting spurious retransmission timeouts Improved routing path detection and recovery Neighbor unreachability detection Fail-back support after dead gateway detection Better PMTU black-hole router detection New mechanisms for NDIS offloading Receive-side scaling for multiple processors Routing compartments Windows XP/2003 Vista/Longhorn Weak end-system model(Windows XP/2003 default)   DA= Strong end-system model(Windows Vista default)   DA= DA= Dead gateway detection: fail-over(Windows XP/2003) D