Network protocols and technologies
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
This topic contains a brief overview of the network protocols and technologies in the Windows Server 2003 family. It is divided into three sections: New and updated features since Windows Server 2003 (without SP1), New and updated features since Windows NT 4.0 and New and updated features since Windows 2000.
For links to more information about the features in this release, see New Features.
The Windows Server 2003 family includes a variety of network protocols and technologies to extend the capabilities of your server. For information about additional technologies related to networking, see Performance and tuning features.
The following network protocols have been removed from all products in the Windows Server 2003 family: the Data Link Control (DLC) protocol (related to certain models of printers) and the NetBIOS Extended User Interface (NetBEUI).
The following network protocols have been removed from the Itanium-based versions of the Windows Server 2003 family: Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX), IPX-dependent services, and Open Shortest Path First (OSPF).
In the Windows Server 2003 family, only Windows Server 2003, Standard Edition supports infrared (IR) networking.
New and updated features since Windows Server 2003 (without SP1)
Windows Server 2003 operating systems with Service Pack 1 (SP1) offer the following improvements (compared to Windows Server 2003 without SP1) that help provide increased levels of support for network protocols and technologies:
- Remote Access Quarantine Service, part of Network Access Quarantine Control
Remote Access Quarantine Service is an essential component of Network Access Quarantine Control for Windows Server 2003 with SP1. Network administrators can enforce network access requirements on remote computers with Network Access Quarantine Control. Lack of access makes it difficult to enforce network requirements (such as the use of antivirus software) on remote computers. By deploying the components of Network Access Quarantine Control, including installing the optional Remote Access Quarantine Service (RQS.exe) component on Windows Server 2003 with SP1, and by including the RQC.exe component with the advanced customization features of Connection Manager, network administrators can create connections that check for required programs, registry settings, files, or combinations thereof. They can also quarantine a remote-access session until these checks have been performed.
Installing the Remote Access Quarantine Service does not automatically start the Remote Access Quarantine Agent service, another aspect of Network Access Quarantine Control. As the network administrator, you must decide the best time to start the service in relation to the configuration of the Routing and Remote Access service.
The Remote Access Quarantine Agent service depends on the Routing and Remote Access service. However, when the Routing and Remote Access service is restarted, the Remote Access Quarantine Agent service is not automatically restarted. You must manually restart the Remote Access Quarantine Agent service.
For more information, see the following:
Network Access Quarantine Control in Windows Server 2003 at the Microsoft Web site.
VPN Quarantine Sample Scripts for Verifying Client Health Configurations at the Microsoft Web site.
- ValueAdd folder has been replaced by Support folder
The ValueAdd folder has been removed from Windows Server 2003 with SP1. To install support tools that were previously found in that folder, such as Phone Book Administrator, go to the Support folder on your Setup CD.
New and updated features since Windows NT 4.0
The Windows Server 2003 family offers the following improvements (in comparison to Windows NT 4.0) that help provide increased levels of support for network protocols and technologies:
- Winsock Direct
With Winsock Direct, applications that use Winsock can perform faster and with less CPU overhead when they communicate across a system area network (SAN). Winsock Direct has the effect of streamlining communications between distributed components if there is a SAN in place.
- DHCP with DNS and Active Directory
Dynamic Host Configuration Protocol (DHCP) works with DNS and Active Directory on Internet Protocol (IP) networks, helping to free you from assigning and tracking static IP addresses. DHCP dynamically assigns IP addresses to computers or other resources connected to an IP network.
- Internet Connection Sharing
With the Internet Connection Sharing feature of Network Connections, you can connect your home network or small office network to the Internet. For example, you might have a home network that connects to the Internet with a digital subscriber line (DSL) connection. By enabling Internet Connection Sharing on the computer that uses DSL, you can provide network address translation, addressing, and name resolution services for all computers on your home network. For more information, see Internet Connection Sharing and network address translation. Internet Connection Sharing and Network Bridge are not included in Windows Server 2003, Web Edition; Windows Server 2003, Datacenter Edition; and the Itanium-based versions of the original release of the Windows Server 2003 operating systems.
- Network Address Translation
Network Address Translation (NAT) hides internally managed IP addresses from external networks by translating private internal addresses to public external addresses. This reduces IP address registration costs by letting you use private IP addresses internally, with translation to a small number of registered IP addresses externally. It also hides the internal network structure, reducing the risk of attacks against internal systems.
- Virtual private networking
You can give users ready access to your organization's network even when they are out of the office, and reduce the cost of such access, by implementing a virtual private network (VPN). The VPN connection creates a secure tunnel across the Internet into the private network. There are two types of VPN technology in the Windows Server 2003 family:
Point-to-Point Tunneling Protocol (PPTP), which employs user-level Point-to-Point Protocol (PPP) authentication methods and Microsoft Point-to-Point Encryption (MPPE) for data encryption.
Layer Two Tunneling Protocol (L2TP) with Internet Protocol security (IPSec). L2TP employs user-level PPP authentication methods and computer-level certificates with IPSec for data encryption.
On Windows Server 2003, Web Edition, and Windows Server 2003, Standard Edition, you can create up to 1,000 Point-to-Point Tunneling Protocol (PPTP) ports, and you can create up to 1,000 Layer Two Tunneling Protocol (L2TP) ports. However, Windows Server 2003, Web Edition, can accept only one virtual private network (VPN) connection at a time. Windows Server 2003, Standard Edition, can accept up to 1,000 concurrent VPN connections. If 1,000 VPN clients are connected, further connection attempts are denied until the number of connections falls below 1,000.
- Routing and Remote Access
Routing and Remote Access replaces the Routing and Remote Access Service (RRAS) and Remote Access Service (RAS) features in Windows NT 4.0. Routing and Remote Access is a single, integrated service that terminates connections from either dial-up or VPN clients or that provides routing (IP, IPX, and AppleTalk), or both. With Routing and Remote Access, your server can function as a remote access server, a VPN server, a gateway, or a branch-office router. For more information, see Routing and Remote Access.
- Asynchronous transfer mode
Asynchronous transfer mode (ATM) is a high-speed, connection-oriented protocol designed to transport multiple types of traffic across a network. It is applicable to both local area networks (LANs) and wide area networks (WANs). Using ATM, your network can simultaneously transport a wide variety of network traffic: voice, data, image, and video.
New and updated features since Windows 2000
The Windows Server 2003 family offers the following improvements (in comparison to Windows 2000) that help provide increased levels of support for network protocols and technologies:
- Simple Object Access Protocol
Simple Object Access Protocol (SOAP) is an XML-based protocol for exchanging information in a decentralized, distributed environment. It consists primarily of two core parts: an envelope for handling extensibility and modularity and an encoding mechanism for representing data types within the envelope. It does not require synchronous execution or request/response interaction. SOAP provides a simple protocol with an extensibility mechanism for adding functionality, such as message routing, security, and guaranteed delivery. By relying on the availability of ubiquitous protocols, including not only XML and Hypertext Transfer Protocol (HTTP) but Simple Mail Transfer Protocol (SMTP) and File Transfer Protocol (FTP), SOAP is available to the broadest assortment of platforms and clients.
- Fibre Channel support
Fibre Channel is a technology for 1-gigabit-per-second data transfer that maps common transport protocols such as small computer system interface (SCSI) and Internet Protocol (IP), merging networking and high-speed I/O into a single connectivity technology. Fibre Channel technology gives you a way to address the distance and the address-space limitations of conventional channel technologies. For more information, see Fibre Channel hardware configuration.
- Automatic configuration for multiple networks
Automatic configuration for multiple networks provides easy access to network devices and the Internet. It also provides the mobile computer user with seamless operations on both office and home networks without having to reconfigure TCP/IP settings manually. With automatic configuration for multiple networks, TCP/IP can use an alternative configuration if a DHCP server is not found.
- Connection Manager improvements
Connection Manager offers several new features:
Automatic proxy configuration for Connection Manager clients. Configure user proxy settings to ensure that the user has appropriate access to internal and external resources while connected to your service.
Connection Manager Favorites. Eliminates repetitive configuration of Connection Manager properties when users switch among common dialing locations.
Client log files. Troubleshoot problems with Connection Manager connections.
Connection Manager Administration Kit. Customize Connection Manager for your needs using the Connection Manager Administration Kit (CMAK) Wizard.
- Web Distributed Authoring and Versioning redirector
The Web Distributed Authoring and Versioning (WebDAV) redirector supports the WebDAV protocol for remote document sharing over HTTP. The WebDAV redirector supports the use of existing applications, and it supports file sharing across the Internet (through firewalls, routers, and so forth) to HTTP servers.
- Internet Authentication Service as RADIUS proxy
This feature supports the ability of Internet Authentication Service (IAS) to forward Remote Authentication Dial-In User Service (RADIUS) authentication and accounting requests to another RADIUS server. This includes flexible, rule-based forwarding, load balancing, and failover between multiple IAS/RADIUS servers, and load balancing of RADIUS-EAP requests; the ability to force the client into a compulsory tunnel with or without user authentication; and selective forwarding of authentication and accounting requests to different RADIUS servers. This feature is not included on computers running the Microsoft® Windows Server® 2003, Web Edition, operating system. For more information, see Overview of Windows Server 2003, Web Edition. In Windows Server 2003, Standard Edition, you can configure IAS with a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. For more information about these limits, see Internet Authentication Service.
- Wireless networking
Wireless networking functionality in the Windows Server 2003 family supports the IEEE 802.11 standard, and it minimizes the configuration that is required to access wireless networks. The automatic wireless network configuration feature makes it possible for users to roam across different wireless networks in different locations, without the need to reconfigure their network connection settings for each new location. Security options for 802.11 include authentication services and encryption services that are based on the Wired Equivalent Privacy (WEP) algorithm. For enhanced security, 802.1X authentication is enabled by default in the Windows Server 2003 family of products. IEEE 802.1X authentication provides authenticated access to 802.11 wireless networks and to wired Ethernet networks. IEEE 802.1X authentication provides support for Extensible Authentication Protocol (EAP) security types, so that users can use authentication methods such as certificates.
- IP version 6
The Windows Server 2003 family supports IP version 6 (IPv6), which is a suite of standard protocols that is the next generation of network layer protocols for the Internet. For more information, see IP Version 6.