Secure Data Transmission
The discussion so far in this tutorial has dealt with securing computers and their contents and has been silent about securing the transmission of data among computers, using e-mail or otherwise transferring information either within a LAN directly or using an intranet or the Internet. Yet the need to extend a network to outlying parts of an organization and to customers and suppliers is very real and requires secure data transmission. Securing data transmission means the encryption of the information being transmitted so that it cannot be read and misused by those not meant to read it. Encrypting information is probably as old as the human race and has really blossomed with the advent of computers. Data encryption has become so sophisticated that the U.S. government, worried that it won't be able to decrypt the data (can you imagine that!), hasn't until a few years ago allowed the better technology to be exported (everyone was getting it over the Internet anyway).
Implement Data Transmission Security
You may be thinking that SSL and TLS sound great, but also sound complex to use. In fact, both are easy to use, either across the Internet or internally in a LAN.
Implement Secure Internet and Intranet Transmissions
To implement secure Internet and intranet transmissions, you need a web server that supports SSL or TLS, such as Microsoft IIS 7, plus a supporting web browser, such as Microsoft Internet Explorer 7, both of which are included in Windows Server 2008. From the browser, to visit a web site that has implemented SSL or TSL, you simply need to begin the URL with https:// rather than http://. SSL will then kick in, and without your even being aware that it's happening, the browser and server decide which encryption algorithm to use to transfer a private key, and then use that key and the chosen private key encryption scheme to encrypt and decrypt all the rest of the data during that session.
Once you are connected using SSL, your browser will indicate that a secure connection is established. IE7 displays a padlock icon to the right of the address bar.
NOTE: Even though the combination of public and private encryption is relatively fast, it is still significantly slower than no encryption. For that reason, it is recommended that you use SSL only when you send sensitive information, such as financial or credit card data, and not for an entire web site.
In this tutorial:
- Windows Server 2008 Security
- Authenticate the User
- Network User Authentication
- Replacements for Passwords
- Certificate Authentication
- Control Access
- Groups
- Permissions
- Add New Permissions
- Share Permission
- Secure Stored Data
- Use File and Folder Encryption
- Drive Encryption with BitLocker
- Use a Computer with BitLocker
- Understand Private/Public Key Encryption
- Secure Data Transmission
- Implement Secure LAN Transmission