HP Advanced Services zl Module with Microsoft® Windows Server® 2008 R2 Planning and Design Guide
Solution 4: Survivable Authentication and Authorization
Solution: HP Advanced Services zl Module with Microsoft Windows Server 2008 R2 + HP PCM/IDM Agents
The server will also support a PCM+ agent, which works with the centralized
PCM+ server and relieves some of the burden of managing the branch
network infrastructure.
The complete list of services that the HP Advanced Services zl Module with
Microsoft Windows Server 2008 R2 will provide is:
■ Active Directory—The server running on the module will act as a domain
controller for the local users, allowing the users to log in to the domain
and implementing the domain policies.
■ Active Directory Certificate Services (AD CS)—The server running on the
module will work as an Intermediate Certificate Authority (CA) to both issue
certificates and manage certificates and private keys.
■ Network Policy Server (NPS)—As explained, NPS includes a RADIUS
server, which the network infrastructure devices that implement 802.1X
use to authenticate and authorize users. In this solution, server administrators
establish user-based access control using IDM. After you install the IDM
agent on NPS, the local server will implement those policies without
further configuration. (NPS simply requires one policy that permits access
for authenticated domain users.)
■ Dynamic Host Configuration Protocol (DHCP)—Most endpoints must receive
their IP settings using DHCP. Providing DHCP locally protects these
endpoints’ network connectivity in the case of a WAN failure. Keeping
DHCP requests local might also eliminate some bursts of traffic (as
students and other users arrive, start up their computers, and request
DHCP settings).
■ Domain Name System (DNS)—Providing DNS services at the local level
significantly reduces the number of DNS requests sent through the WAN
and protects users’ connectivity during a WAN failure.
■ Internet Information Services (IIS)—The module will host various
Web-based applications locally; it will also host an FTP site.
■ Print Services—The module will act as a print server, managing and
monitoring print queues to increase printing efficiency.
■ File Services—While branch users need to access some centralized
resources, many of the files that they access most often are specific to the
local branch. The module can store such files, delivering them to
authorized local users as needed.