Chapter 2: Securing Servers Based on Function - MCSE Designing Security for a Windows Server 2003 Network [Electronic resources] : Exam 70-298 Study Guide نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

MCSE Designing Security for a Windows Server 2003 Network [Electronic resources] : Exam 70-298 Study Guide - نسخه متنی

Elias N. Khnaser, Susan Snedak, Chris Peiris, Rob Amini

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
توضیحات
افزودن یادداشت جدید




Chapter 2: Securing Servers Based on Function


Introduction


When you’re designing network security for a medium-to-large enterprise, it’s often helpful to think of servers in terms of the role that they play on the network, rather than just as “Server1,” “Server2,” and “Server3.” To assist in this process, Windows Server 2003 has introduced features such as the Configure Your Server Wizard that simplify the process of assigning a specific role to a given machine. Once you’ve configured a server (or group of servers) to fulfill a specific role on your network, you should then secure these different server roles in a consistent fashion to improve the overall security of your enterprise network.

In this chapter, we discuss the use of security templates as a way to apply consistent security settings to an entire network, or to a subset of computers or servers. You’ll need to begin with a baseline security template that will define security settings common to your entire network. We’ll start with a review of the use of security templates, which you should already be familiar with from preparing for the Windows Server 2003 Core Four exams. Once we’ve reviewed the use of security templates in Windows Server 2003, we’ll focus on how to deploy these templates across an entire network in an efficient manner. (You certainly wouldn’t want to individually configure security settings on a network with hundreds or thousands of machines, now, would you?) We’ll focus on the use of Group Policy Objects (GPOs) and scripting techniques to quickly deploy common security settings across an entire network.

Once you’ve established your baseline security settings, you’ll then need to modify those settings based on the function of a given server or group of servers on your network. A number of security enhancements can specifically benefit machines that are functioning as domain controllers (DCs), Web servers, network infrastructure servers, and file servers. Just as you used templates to create a common security configuration for your entire network, you can also modify that baseline to quickly configure a group of servers whose security requirements might differ from the common configuration. When designing a secure network infrastructure for a Windows Server 2003 network, the use and deployment of security templates will be of great use to you, both on the 70-298 exam and in real-world security deployments.

/ 122