Manualshelf

HP Advanced Services zl Module with Microsoft® Windows Server® 2008 R2 Planning and Design Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
3-3
Solution 2: Survivable Wireless Networking
Solution: HP Advanced Services zl Module with Microsoft Windows Server 2008 R2 + HP E-MSM765 zl Mobility Controller
The school district will also deploy an HP Advanced Services zl Module with
Microsoft Windows Server 2008 R2. This module provides all of the backup
services that the mobility solution would otherwise require from the data
center:
Read-only Active Directory—The server running on the module will act as
a read-only domain controller, allowing the users to log in to the domain,
providing user credentials to the local NPS (RADIUS server), and also
implementing domain policies replicated from the central office. How-
ever, for security, managers of this server cannot change (write to) domain
policies.
Active Directory Certificate Services (AD CS)—The server running on the
module will work as an Intermediate Certificate Authority (CA) to both issue
certificates and manage certificates and private keys.
Network Policy Server (NPS)— NPS includes a RADIUS server, which the
mobility solution requires to authenticate and authorize users. NPS sup-
ports 802.1X and Web authentication as well as other authentication
schemes. Server administrators can use NPS to control user-based set-
tings (such as VLAN assignments or rate limits) and even to implement
Network Access Protection (NAP), which quarantines clients that do not
meet network health requirements. The administrators can export the
configuration of existing NPS servers and quickly import it to the branch
server.
Internet Information Services (IIS)—The module will host the Web portal for
authenticating users. It can also host other Web-based applications.
Dynamic Host Configuration Protocol (DHCP)—Most endpoints must receive
their IP settings using DHCP. Providing DHCP locally protects these
endpoints’ network connectivity in the case of a WAN failure. Keeping
DHCP requests local might also eliminate some bursts of traffic (as
students and other users arrive, start up their computers, and request
DHCP settings).
In this solution, the Mobility Controller acts as DHCP server for the E-
MSM APs. However, you could use the DHCP server running on the HP
Advanced Services zl Module for this purpose in your solution.
Domain Name System (DNS)—Providing DNS services at the local level
significantly reduces the number of DNS requests sent through the WAN
and protects users’ connectivity during a WAN failure. The Mobility
Controller can also send DNS requests to the DNS server running on the
HP Advanced Services zl Module, which helps the controller to enforce
Web authentication.