Implementing an NDES Server
The implementation of an NDES server requires any machine that is capable of running Internet Information Services (IIS) that can communicate with a CA by using Distributed Component Object Model (DCOM) communications.
The following sections will walk through the installation and configuration of an NDES deployment for the network shown in Figure 27-3.
Figure 27-3. A sample NDES server deployment
This deployment follows best practices for a PKI deployment in that rather than installing the NDES role service on the CA, the role service is implemented on a separate server. The issuing CA of the three-tiered CA hierarchy is ...