In this article, we will discuss what every Microsoft Windows Administrator and Engineer should think about when trying to manage their environments in the scope of planning for Disaster Recovery and Business Continuity. This is Part II in a 4 part article series where we will cover many of the details administrators and engineers need to know about planning Disaster Recovery for Windows Systems, as well as for their networks in general.
Not only is Microsoft Boasting that Windows Server 2003 is very secure… they have also released prior to the selling of the actual operating system, the ‘free’ (yes you heard this right), security guide for the base operating system as well as many of the services that come with it, like IIS, File and Print services and more.
One big change, very noticeable in Windows Server 2003, is the difference in default settings. In this two-part article, we’ll look at how the out-of-the-box server differs in its defaults from previous versions and how the new defaults make the OS more secure (while at the same time causing frustration for some admins and users who find themselves unable to gain access that was available without any reconfiguration in earlier operating systems). In Part 1, we’ll focus on how the default permissions have changed, changes to the membership of the Everyone group, and ownership of objects.
One key security practice that is often overlooked by admins is the Windows registry. In addition to configuration information, the registry contains security contexts that can be used to elevate a user’s privilege. If left unsecured, it is a good platform from which a hacker can use to gain access to administrative functions of the computer, and even possibly the domain as well.
In this article, we will discuss what every Microsoft Windows Administrator and Engineer should think about when trying to manage their environments in the scope of planning for Disaster Recovery and Business Continuity. This is Part I in a 4 part article series where we will cover many of the details administrators and engineers need to know about planning Disaster Recovery for Windows Systems, as well as for their networks in general. In part I, we will look at Windows 2000 & Windows Server 2003 Clustering & Load Balancing for high availability, as well as general planning information.
This two-piece article highlights the need for strong passwords. Passwords are an essential means in achieving maximum security; passwords truly serve as a first layer of defense complimenting any security strategy. Once the decision has been made to enforce the usage of passwords as part of ones goal to security achievement a further decision must be made on the type of password policy one would prefer to use. The password policy should be strict and no exemptions should be allowed.
Delegation is the act of giving power, responsibility or authority to someone (or something). When we talk about delegation in the context of administering our Windows Server 2003 computers and networks, we can be talking about either the Delegation of administrative authority (also called delegation of control); or the Delegation of authentication (allowing a service to use a user or computer account for access to resources). It is this second type of delegation that we will discuss in this article. Windows Server 2003 has provided some enhancements to this feature that will make your administrative life a little easier.
Security has many facets when it comes to computers. We often focus on securing the network and our systems from outside intruders and from malicious code such as viruses, worms and Trojans. Because the damage from these can be so immediate and so drastic, we sometimes overlook the need to secure the data contained in our documents from others within the organization, and even to control the extent of access for those with whom we do need to share our information.
Just a few years ago, the focus of enterprise security was primarily split between perimeter security and authentication controls. Security engineers spent their time mulling over firewall implementations, access rights, and the occasional implementation of encryption technologies. A new movement though has overtaken the industry as security breaches have become more and more common despite perimeter defenses, thus forcing enterprises to start reassessing security again from a host based perspective.
Here's what you've been waiting for! Part 3 in our series on how to get the calling ISA Server firewall/VPN gateway to use EAP/TLS certificate-based authentication when connecting to the answering ISA Server firewall/VPN gateway. Get it while before we run out of copies 🙂
