DHCP and TCP/IP  «Prev  Next»
Lesson 1

Designing and Securing a TCP/IP and DHCP Solution

This course will provide senior networking support professionals the information and skills required to design a networking services infrastructure for large enterprise networks. The focus of this course will be less on mouse clicking, and more on network design concepts and parameters vital to the successful network architect. Your prior knowledge about basic networking services such as WINS, DNS, RRAS, RADIUS, Proxy Server, and network hardware will serve as the foundation for the solutions you will design. The network architect's job is like that of the building architect. He/she maps out the requirements for the organization, and with these requirements in mind, puts together a design plan. You will discover how TCP/IP and DHCP factor into design solutions, optimizing your solutions for maximum performance and security.

Course goals

After completing the course, you will be able to:
  1. Describe the attributes of a Windows 2022 networking services infrastructure design.
  2. Translate organizational goals into a design
  3. Define the design requirements for a Transmission Control Protocol/Internet Protocol (TCP/IP) solution.
  4. Design a functional TCP/IP solution
  5. Secure a TCP/IP solution
  6. Enhance a TCP/IP design for availability
  7. Optimize a TCP/IP design for performance
  8. Design a DHCP solution for automating IP configuration.
  9. Design a functional DHCP solution
  10. Secure a DHCP solution
  11. Enhance a DHCP design for availability
  12. Enhance a DHCP design for performance

Here's a description of the key attributes of a Windows Server 2022 networking services infrastructure design, along with considerations for scalability and security:
Core Networking Services
  • DHCP (Dynamic Host Configuration Protocol): Automates the assignment of IP addresses, default gateways, DNS servers, and other network configuration parameters to devices.
  • DNS (Domain Name System): Provides the critical service of translating domain names to IP addresses, essential for the smooth functioning of web browsing and other network applications.
  • Active Directory Domain Services (AD DS): Centralized management of users, computers, and network resources. It offers authentication, authorization, and Group Policy enforcement for the domain.

Additional Potential Services
  • File and Print Sharing: Server Message Block (SMB) protocol enables shared access to files and printers across the network.
  • Network Policy Server (NPS): Enforces network access policies for authentication, authorization, and network health checks.
  • WSUS (Windows Server Update Services): Centralized management and distribution of updates for Windows systems on the network.
  • RADIUS: Provides centralized authentication and authorization for network devices and services.

Design Considerations
  • Scalability:
    • Plan for future growth by considering load balancing, redundant servers, and domain hierarchy.
    • Consider cloud-based options (Azure AD) to enhance scalability if the need arises.
  • Security:
    • Implement strong firewall configurations.
    • Use IPSec for secure communication between servers.
    • Restrict access with role-based permissions and strong password policies.
    • Regular security audits and patching.
  • Performance:
    • Proper network segmentation to reduce congestion.
    • Invest in adequate networking hardware (switches, routers).
    • Traffic prioritization through Quality of Service (QoS) policies.
  • High Availability:
    • Utilize clustering technologies for critical services like DHCP and DNS.
    • Redundant servers and network paths.
  • Management and Monitoring:
    • Centralized logging and monitoring systems.
    • Tools like Windows Admin Center for overall management.

Windows Server 2022 Enhancements:
  • Improved security features: Secured-core server, TLS 1.3 support by default, SMB encryption enhancements.
  • Hybrid Cloud Integration: Better integration with Azure services for backup, management, and identity.
  • Containerization Support: Increased capabilities for running Windows containers.
Important Note: The specific design will depend heavily on the size and complexity of your network, security requirements, and service needs.
  1. QuickChecks: QuickChecks are unscored opportunities for you to self-check your understanding of key points before you arrive at a scored Exercise or Quiz.
    You will see QuickChecks throughout the lessons; click the icon to display a brief question. Click again to see the correct answer in a short animated sequence.
  2. Problem SolverExercises: To better prepare you to pass the MCSE exam and to provide you an opportunity to practice what you learn within a context, we have created exercises throughout the series in which you apply your knowledge about Windows 2000 to various scenarios. You will submit your solutions to the Problem Solver exercises for scoring.

SEMrush Software1