Overview of Deploying a Wired LAN
Applies To: Windows Server 2008, Windows Server 2008 R2
To provide 802.1X authentication, authorization, automatic IP address assignment, and name resolution for wired users, your networking infrastructure must include the following services:
Active Directory Domain Services (AD DS).
Remote Authentication Dial-In User Service (RADIUS) servers and proxies.
A certificate infrastructure, also known as a public key infrastructure (PKI).
Dynamic Host Configuration Protocol (DHCP) services.
Domain Name System (DNS) services.
These services together provide the security, availability, and scalability needed for an authenticated wired access solution. Before you start to deploy your wired access solution, all the supporting components and services in your networking infrastructure must be in place.
All the components that are required for an IEEE 802.1X authenticated wired access deployment are included with Windows Server 2008, Windows Vista, and Windows XP. Windows Server 2008 includes AD DS, DHCP, DNS, Active Directory Certificate Services (AD CS), and support for RADIUS (by using Network Policy Server [NPS]).
Computers running Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP provide support for the IEEE 802.1X standard, and certificate authentication.
Although components that support authenticated wired access are included in Windows Server® 2008 Standard, Windows Server® 2008 Enterprise, and Windows Server® 2008 Datacenter operating systems, there are differences in the capabilities and service levels of those components. For information about differences in these services among the Windows Server 2008 operating systems, see Help and Support in Windows Server 2008.
After designing and deploying the networking components and services needed for the LAN, you will be able to maintain a secure and manageable network by using supported features such as:
Wired Network (IEEE 802.3) Policies in Group Policy Management in Windows Server 2008.
Wired AutoConfig service, included on client computers running Windows Server 2008 and Windows Vista.
RADIUS-based 802.1X authentication, and interoperability with other networking services.