Questions about RADIUS server and TCP/IP & NetBIOS

Noah-Noah · November 2015

Dear Friends,
can you please help me answer these questions? Thank you in advance for your help.

Q.1 : Describe the best location to place the RADIUS server in a typical mid-sized enterprise network's firewall architecture.

Q.2 : Initially, Microsoft used the NetBIOS protocol stack for networking, but later switched to TCP/IP. One reason for this change was that the NetBIOS protocol has no OSI Network Layer functionality. Discuss how this absence of Network Layer addressing NetBIOS can be both a positive and a negative feature of the protocol. Be sure to give an example of a situation when the use of NetBIOS would be advantageous and one in which its use would be disadvantageous.

jdancer · November 2015

Q.1: I would personally put in the DMZ but I have seen it put on the inside network.

Q.2: NetBIOS itself is a Layer 2 protocol, hence it's non-routable. Good for security since it's really local to the LAN. Since it's non-routable, can't use it on other LANs. However, NetBIOS now runs over TCP/IP so it makes it routable. If you are connected to the Internet, make sure you block NetBIOS TCP traffic outbound.

Noah-Noah · November 2015

Thank you very much Jdancer. I appreciate your response.

DPN1 · November 2015

You could definitely have the server on either the inside or DMZ. The fact it is a Radius server makes me thinks it could be inside as I dont see any need for it to be in the DMZ. In my work im sure our Tacacs server is on the inside.

Noah-Noah · November 2015

Thank you DPN1 for your response. Best regards.

Questions about RADIUS server and TCP/IP & NetBIOS

Comments