Microsoft Windows Vista introduces a few network services and enhances and modifies the behavior of previously included services. The following network services and tools are discussed; some require direct configuration, whereas others are helpful tools for troubleshooting connectivity:
Network and Sharing Center
The Network and Sharing Center is a new and improved user interface for managing network connections. Integrated into the Network and Sharing Center is the new Network Explorer, which has replaced My Network Places from previous Windows operating systems.
Note
You can access the Network and Sharing Center using a variety of methods:
- Right-click the network status icon in the system tray and select Network and Sharing Center from the pop-up dialog box.
- Click the network status icon in the system tray and select Network and Sharing Center from the pop-up dialog box.
- Navigate through Start > Control Panel > Network and Sharing Center.
- Click Start and type network in the search box. The Network and Sharing Center link appears in the results box.
This tool presents several items within its main view. Figure 1 shows the default interface for the Network and Sharing Center upon opening the tool.
From this view, you see the following items:
- Abbreviated Network Map of this computer and its connections
- The network location type currently selected
- The connections that are defined within each firewall profile
- The configuration for the Sharing and Discovery services on the local computer
Using the preceding items as your outline, you can determine the following from Figure 4.6 and the computer this snapshot was taken from:
- The Network Map displays a workstation on the left connected to a Microsoft Windows domain called home.local and through this connection has access to the Internet. You can display a more detailed map.
- The network location type is set to Microsoft’s default Domain type (more on this setting in the following section) because the computer is a member of a Windows domain.
- A single connection is set to the domain type that has both local and Internet connectivity. Although the connection is wireless, the abbreviated diagram in Figure 4.6 does not note this.
- In the Sharing and Discovery section of the dialog box, none of the Sharing and Discovery features are turned on. These are the default settings for the domain profile setting. These items also are discussed in a later section.
From the task list on the left side of Figure 1, you can see that you are able to connect to other networks via wireless as well as Virtual Private Networks. You also can troubleshoot your current connections.
The Network and Sharing Center provides the jump point for several important network configuration tasks.
Network Profiles
Windows Vista uses network profiles to classify network connections in order to configure default settings for Windows Vista’s Firewall, file sharing, and discovery services. These network profiles are configurable and are stored for later use when the connection to that network has been established. This enables you to configure settings unique to each connection a computer makes. These settings are then used to configure default settings for the affected parameters of the Sharing and Discovery features listed in the Network and Sharing Center.
The network profile is configured with a firewall profile. The firewall profiles have numerous configuration options. Three firewall profiles are listed as location types in the Network and Sharing Center. The firewall profiles are:
- Domain— This profile is automatically selected whenever a computer joins a domain. It is very restrictive in its settings because desktop computers within an enterprise do not often share local resources.
- Public— This is the default profile when a computer is not connected to a domain. The settings for this profile are set at their most restrictive configuration. Network Discovery and file and print sharing settings are turned off.
- Private— This profile is designed to allow a more liberal approach to Network Discovery and file and print sharing services. This profile should be applied only where the computer is connected to a trusted network. Only an administrator of the local computer can assign this profile.
Table 1 shows the default settings for the items displayed in the Network and Sharing Center for each of the three profiles.
Table 1. Default Network Profile Settings for Each of the Network Location Types
| Sharing and Discovery Setting | Domain | Public | Private |
|---|---|---|---|
| Network Discovery | Off | Off | On |
| File sharing | Off | Off | Off |
| Public folder sharing | Off | Off | Off |
| Printer sharing | Off | Off | Off |
| Password-protected sharing | Off | Off | Off |
| Media sharing | Off | Off | Off |
Alert
Although Table 1 shows very little difference in the configuration settings between each of the firewall profiles or location types, when you are answering questions on the exam, you can assume the following:
- Domain is always chosen when a computer is a part of a domain. There is no choice other than to manually redefine the settings shown in this table.
- Public should always be chosen for untrusted network locations such as an office or a wireless access point connection at a coffee shop. It is chosen by default whenever a network profile is chosen without user interaction.
- Private should be selected only when the network location is trusted, such as a home network environment.
Windows Vista utilizes a decision tree in deciding the computer’s overall profile, especially if different location types are selected on different interface connections. In Windows Vista, an overall profile is applied if one or more interfaces are connected with different network location types configured for each of the connections. The following is a decision tree that the Network Location Awareness (NLA) service uses to determine the computer’s profile from the existing connections on a computer:
- All interfaces that are connected to any network are explored.
- If any interface that is connected to a network is determined to be or configured as Public, the computer’s profile is set to Public. The NLA service exits here.
- If any interface that is connected to a network is configured as Private, the computer’s profile is set to Private. The NLA service exits here.
- Does each interface successfully see a domain controller and did the computer successfully log on? If yes, the computer’s profile is set to Domain and the NLA service exits here.
- If none of the above is true, the computer’s profile is set to Public.
The goal is to set the computer to the most restrictive profile setting. So if your computer is connected to a domain in your company’s network but also configures a connection to a wireless broadband provider, the computer’s profile is set to Public.
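The decision tree above, written out as a small Python function. This is an example added here for illustration and is not Microsoft's NLA code; the `Interface` fields, the function names and the sample interface names are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Interface:
    name: str
    connected: bool
    location: Optional[str]   # "Public", "Private", or None if classified as neither
    sees_domain_controller: bool = False

def effective_profile(interfaces: List[Interface],
                      domain_logon_ok: bool) -> Tuple[str, str]:
    """Return (profile, reason) following the decision tree in the text."""
    # Only interfaces that are connected to a network are explored.
    active = [i for i in interfaces if i.connected]
    # Public is tested before Private, so one Public connection decides
    # the result no matter what the other interfaces are set to.
    for wanted in ("Public", "Private"):
        hits = [i.name for i in active if i.location == wanted]
        if hits:
            return wanted, f"{wanted} on: {', '.join(hits)}"
    # Domain needs every connected interface to see a domain controller and
    # a successful logon. Assumption of this example: with no connected
    # interface the test fails instead of passing vacuously.
    if active and domain_logon_ok and all(i.sees_domain_controller for i in active):
        return "Domain", "all connected interfaces authenticated to the domain"
    # Nothing matched: fall back to Public.
    return "Public", "no rule matched"

def default_network_discovery(profile: str) -> bool:
    # Table 1 on this page: Network Discovery is the only default that
    # differs by location type, and it is on only for Private.
    return profile == "Private"

# Constructed sample: a domain-joined LAN connection plus wireless broadband,
# and a disconnected interface that must be ignored.
SAMPLE = [
    Interface("Ethernet (home.local)", True, None, sees_domain_controller=True),
    Interface("Wireless broadband", True, "Public"),
    Interface("Bluetooth PAN", False, "Private"),
]

if __name__ == "__main__":
    profile, reason = effective_profile(SAMPLE, domain_logon_ok=True)
    print(profile, "-", reason)
    print("Network Discovery on by default:", default_network_discovery(profile))
```

The returned reason names the interface that decided the result, which is the first thing to check when a domain-joined machine unexpectedly reports Public.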
Network Setup Wizard
The Network Setup Wizard makes creating new network connections a snap. In addition to recognizing available network devices and automating a connection with them, the Network Setup Wizard also automatically discovers any wireless networks that are within range of your computer. You are then able to select one of them and proceed through the wizard to finalize the connection.
After a new connection has been made, you are given the option to save the network settings to a universal serial bus (USB) Flash drive. This saved connection on the USB device can then be used to automate network connection setup on another computer.
Network Map
The new Network and Sharing Center supports the new Network Map feature, which is visible at the top of the window when you first open the Network and Sharing Center. The Network Map uses a discovery protocol (discussed later) to map out the topology of the local network. Using information previously gathered and collected when assessing a network profile, the Network Location Awareness feature identifies the network services and connection type. The Network Map then uses the information gathered by the NLA service to determine the connectivity information and media type and then graphically display the discovered topology. Devices on the local network also must support discovery to appear in the Network Map.
The Network Map initially displayed in the Network and Sharing Center is essentially an abbreviated topology showing only enough connection information regarding the computer’s access to the LAN and to the Internet. You can use a more complete topology for troubleshooting a computer’s connection within the local network by selecting to view the full map from the display located on the Network and Sharing Center. Figure 2 shows a more complete topology of the network than the one displayed in Figure 1.
As you can see from the large enterprise run inside the house in this example, several wireless computers are attached to a Belkin wireless access point connected to a gateway device that has an Internet connection.
Network Discovery
Microsoft Windows Vista introduced a new way to discover network devices within your network. Network Discovery uses the Link-Layer Topology Discovery (LLTD) protocol. The Network Map feature uses the LLTD protocol to draw the topology of the network. LLTD also enables one-click access to the discovered devices so that you can browse or configure their network settings. LLTD also allows other LLTD-capable devices to discover your computer for network resource sharing services. LLTD is a part of Microsoft’s Windows Rally licensed technologies (formerly called Windows Connect Now).
LLTD is a data-link layer protocol that is capable of operating over wired and wireless networks. Because LLTD is the basis by which the Network Map feature creates its topology map of network devices and their interconnections, the Link-Layer Topology Discovery Mapper service in Windows Vista is required. This service has two components:
- Link-Layer Discovery Responder— This LLTD component allows the current device to be located by other LLTD-capable network devices.
- Link-Layer Discovery I/O Driver— This LLTD component performs the discovery of other LLTD-capable devices.
LLTD works with Universal Plug and Play (UPnP) to classify the discovered devices and list their capabilities and function within the network. This enables one network device to connect to any discoverable network device and possibly automate their connection and configuration.
Alert
Microsoft Windows Vista and the newly released Windows Server 2008 are the only operating systems from Microsoft that provide full LLTD-capable support and services. Microsoft provides an LLTD Responder client for Windows XP. You must download this client from the Microsoft Download Center and install it on every Windows XP computer you want to be discovered. Search the Microsoft Download Center for the support article Link-Layer Topology Discovery (LLTD) Responder (KB922120).
Configuring Sharing and Discovery
To understand how to configure the various aspects of the Sharing and Discovery feature found in the Network and Sharing Center, you must understand what each setting enables or disables.
Network Discovery
Enabling Network Discovery on your computer allows other computers to discover your computer and the shared resources available on it. With the service enabled, your computer can also discover other computers on the LAN.
File Sharing
Enabling the file sharing feature allows other computers to access file shares on your computer.
Public Folder Sharing
There are three settings for the public folder sharing feature. You can enable public folder sharing so that anyone with network access can open files in the public share. You can enable additional access to the public folder share that allows any network-connected user to open, change, and create files. Finally, you can turn off this feature and disable any network-connected users from accessing the public share on this computer, but all local users are still entitled to access it.
Printer Sharing
Enabling the printer sharing feature allows other computers to access printer shares on your computer.
Password-Protected Sharing
Turning on the password-protected sharing feature allows only users with local accounts on the computer to access file and printer shares as well as the public folder share.
Media Sharing
When the media sharing feature is enabled, users and devices on the network can access shared media, and this computer can find other devices sharing media.