From the introduction of the Windows Server 2008 Security Guide:
IT security is everybody's business. Every day, adversaries are attempting to invade your networks and access your servers to bring them down, infect them with viruses, or steal information about your customers or employees. Attacks come from all directions: from onsite employee visits to Web sites infected with malware, to offsite employee connections through virtual private networks (VPNs), branch office network connections to corporate servers, or direct assaults on vulnerable computers or servers in your network. Organizations of all sizes now also face more complex and demanding audit requirements.
You know firsthand how essential your servers are to keeping your organization up and running. The data they house and the services they provide are your organization's lifeblood. It is your job to stand guard over these essential assets, prevent them from going down or falling victim to attacks from outside and inside your organization, and to prove to auditors that you have taken all reasonable steps to secure your servers.
Windows Server 2008 is engineered from the ground up with security in mind, delivering an array of new and improved security technologies and features that provide a solid foundation for running and building your business. The Windows Server 2008 Security Guide is designed to further enhance the security of the servers in your organization by taking full advantage of the security features and options in Windows Server 2008.
This guide builds on the Windows Server 2003 Security Guide, which provides specific recommendations about how to harden servers running Windows Server 2003 with Service Pack 2 (SP2). The Windows Server 2008 Security Guide provides recommendations to harden servers that use security baselines for the following two environments:
- Enterprise Client (EC). Servers in this environment are located in a domain that uses AD DS and communicate with other servers running Windows Server 2008 or Windows Server 2003 SP2 or later. The client computers in this environment include a mixture: some run Windows Vista whereas others run Windows XP with SP2 or later. For information about the baseline security settings that this environment uses, see "Appendix A: Security Group Policy Settings."
- Specialized Security - Limited Functionality (SSLF). Concern for security in this environment is so great that a significant loss of functionality and manageability is acceptable. For example, military and intelligence agency computers operate in this type of environment. The servers in this environment run only Windows Server 2008. For information about the SSLF settings that this environment uses, see "Appendix A: Security Group Policy Settings
Check out the complete guide at:
Thomas W Shinder, M.D.
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP - Microsoft Firewalls (ISA)