Home > Uncategorized > Windows 2003 Security Guide

Windows 2003 Security Guide

I’ve recently decided to lock down the MCSE classroom servers and workstations. Most of the exercises done by the students only accomplished to reveal a setting here and there within the GPO or local policy. I will using a variety of methods and tools to accomplish this. The following are my currently defined objectives:

  • Define baseline security measures

  • Define and create role specific templates

  • Apply all security templates using GPO’s

  • Implement authentication & encryption at the Network layer using IPSec

  • Configure any manual changes as required to improve security

After doing some research I’ve decided to follow the “Windows 2003 Security Guide”. The guide is broken into 13 chapters and covers both baseline and server specific roles using GPO’s and the Security Configuration Wizard that is available with Sever2003 SP1.   IPSec will also be configured to provide an additional layer of protection for IP packets.  It not only acts as a packet filtering firewall but can be configured to require either Authentication and\or Encrpytion for all IP packets.

The primary server roles that are discussed in the guide include:

  • Domain controllers that include DNS services

  • File\Print Servers

  • Web Servers

  • Microsoft Internet Authentication Server (IAS) servers

  • Certificate Services (CA) servers

  • Bastion Hosts

I’ve also chosen to use the Enterprise Client Member Server Baseline.inf security policy provided by the guide. Also, in order to assist in determing which ports are required for server specific roles I will reference the “Network Ports Requirements for Server 2003”

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: