Implementing Always On VPN: Modern Mobility with Microsoft Windows 10 and Windows Server 2022
Huge savings for students
Each student receives a 50% discount off of most books in the HSG Book Store. During class, please ask the instructor about purchase details.List Price: | $54.99 |
Price: | $27.50 |
You Save: | $27.50 |
2Chapter 1 - Always On VPN Overview
o This chapter will introduce Always On VPN as a technology and cover the concepts and underlying technologies used by the solution. We will discuss the high-level use cases and compare with its predecessor, DirectAccess.
Chapter 2 - Plan an Always On VPN Deployment
o In this chapter we will dive more deeply into the implementation prerequisites. We will identify infrastructure requirements, discuss networking and authentication requirements, and learn about various deployment scenarios. Guidance will be provided for certificate services configuration and networking models will be covered. Details about VPN protocols, client IP address assignment, and firewall requirements will also be covered.
Chapter 3 - Configure Windows Server for Always On VPN
In this chapter, configuring Windows Server Routing and Remote Access Service (RRAS) will be covered in detail. In addition, we will cover Remote Access Service (RRAS) configuration and perform server security and performance optimizations.
Chapter 4 - Provision Always On VPN Clients
This chapter will provide guidance for provisioning Always On VPN to Windows 10 clients. The Configuration Service Provider (CSP) mode will be discussed, and readers will learn to create a configuration XML file and provision it locally using PowerShell. In addition, Intune deployment using custom XML and native VPN profiles will be covered.
Chapter 5 - Cloud Deployments
o For those organizations deploying infrastructure in a public cloud, this chapter will outline how to deploy an Always On VPN infrastructure in Microsoft Azure. Deploying RRAS in Azure and leveraging native cloud VPN infrastructure such as Azure Virtual Network Gateway and Azure Virtual WAN will be discussed.
Chapter 6 - Azure Integrationo This chapter will provide guidance for advanced client configuration and integration with Azure security services. Azure MFA integration with on-premises NPS will be covered in detail. Also, Azure Conditional Access will be covered.
Chapter 7 - High Availabilityo This chapter will describe in detail how to implement an Always On VPN infrastructure in a redundant and highly available configuration. Locally redundancy NPS and VPN servers will be covered. Guidance for multisite deployment with geographic redundancy for VPN servers will be included.
Chapter 8 - Monitor and Reporto This chapter will cover ongoing system maintenance and operational support for the VPN and NPS infrastructure. It will include guidance for ensuring automatic certificate management, how to renew certificates that cannot be managed automatically, how to find logging details, and which monitoring tools can be effective for daily operation.
Chapter 9 - Troubleshootingo This chapter will provide detailed guidance for troubleshooting and resolving common configuration and operational errors for the VPN and authentication infrastructure, from both the client and server perspective. Common failure scenarios will be covered, and detailed resolution steps will be provided.
Chapter 10 - Migrate from DirectAccess to Always On VPNo Always On VPN is most commonly deployed to replace existing DirectAccess infrastructure. In this chapter I'll provide guidance and share experience for migrating from DirectAccess to Always On VPN seamlessly and without disruption.
o This chapter will introduce Always On VPN as a technology and cover the concepts and underlying technologies used by the solution. We will discuss the high-level use cases and compare with its predecessor, DirectAccess.
Chapter 2 - Plan an Always On VPN Deployment
o In this chapter we will dive more deeply into the implementation prerequisites. We will identify infrastructure requirements, discuss networking and authentication requirements, and learn about various deployment scenarios. Guidance will be provided for certificate services configuration and networking models will be covered. Details about VPN protocols, client IP address assignment, and firewall requirements will also be covered.
Chapter 3 - Configure Windows Server for Always On VPN
In this chapter, configuring Windows Server Routing and Remote Access Service (RRAS) will be covered in detail. In addition, we will cover Remote Access Service (RRAS) configuration and perform server security and performance optimizations.
Chapter 4 - Provision Always On VPN Clients
This chapter will provide guidance for provisioning Always On VPN to Windows 10 clients. The Configuration Service Provider (CSP) mode will be discussed, and readers will learn to create a configuration XML file and provision it locally using PowerShell. In addition, Intune deployment using custom XML and native VPN profiles will be covered.
Chapter 5 - Cloud Deployments
o For those organizations deploying infrastructure in a public cloud, this chapter will outline how to deploy an Always On VPN infrastructure in Microsoft Azure. Deploying RRAS in Azure and leveraging native cloud VPN infrastructure such as Azure Virtual Network Gateway and Azure Virtual WAN will be discussed.
Chapter 6 - Azure Integrationo This chapter will provide guidance for advanced client configuration and integration with Azure security services. Azure MFA integration with on-premises NPS will be covered in detail. Also, Azure Conditional Access will be covered.
Chapter 7 - High Availabilityo This chapter will describe in detail how to implement an Always On VPN infrastructure in a redundant and highly available configuration. Locally redundancy NPS and VPN servers will be covered. Guidance for multisite deployment with geographic redundancy for VPN servers will be included.
Chapter 8 - Monitor and Reporto This chapter will cover ongoing system maintenance and operational support for the VPN and NPS infrastructure. It will include guidance for ensuring automatic certificate management, how to renew certificates that cannot be managed automatically, how to find logging details, and which monitoring tools can be effective for daily operation.
Chapter 9 - Troubleshootingo This chapter will provide detailed guidance for troubleshooting and resolving common configuration and operational errors for the VPN and authentication infrastructure, from both the client and server perspective. Common failure scenarios will be covered, and detailed resolution steps will be provided.
Chapter 10 - Migrate from DirectAccess to Always On VPNo Always On VPN is most commonly deployed to replace existing DirectAccess infrastructure. In this chapter I'll provide guidance and share experience for migrating from DirectAccess to Always On VPN seamlessly and without disruption.
Apress