Microsoft Solution for Securing Windows 2000 Server

   
 

Updated - February 17th 2003

This Securing Windows 2000 Security Solution reinforces Microsoft's commitment to Trustworthy Computing through structured guidance to help you understand and implement the processes and decisions that must be made to get secure, and stay secure.
This prescriptive solution is aimed at helping reduce security vulnerabilities and lower the costs of exposure and security management in the Windows 2000 environment.

The detailed guidance focuses on providing full-lifecycle advice on securing your Windows 2000 Server environment: risk assessment and analysis, securing specific critical Windows 2000 server roles, and operating a secure environment after the initial lockdown phases have completed.


Content


The Securing Windows 2000 Server solution is delivered in 11 chapters, plus a Test Guide, a Delivery Guide, and a Support Readiness Guide, each with applicable job aids, script files and test cases. The 11 chapters of Securing Windows 2000 Server provide the following guidance:

Chapter 1: Introduction to Securing Windows 2000 Server

This introductory chapter gives a brief overview of the entire Securing Windows 2000 Server guide.

Chapter 2: Defining the Security Landscape

The focus of this chapter is defining security components that need to be understood to perform a security analysis of your organization.
It gives general guidance on how to perform a preliminary asset analysis for your organization and explains how threats, exposures, vulnerabilities, and countermeasures relate to each other.

Chapter 3: Understanding the Security Risk Management Discipline

This chapter draws upon proven practices from security analysis methodologies in use today that leverage the MSF and MOF. The Security Risk Management Discipline (SRMD) is defined in detail.

Chapter 4: Applying the Security Risk Management Discipline

This chapter shows how to determine which threats and vulnerabilities have the most potential impact on a particular organization. A fictitious company, with needs common to many businesses today, is used to illustrate the steps taken to assess real-world vulnerabilities and reach decisions on implementing Windows 2000 Servers. In the chapter’s conclusion, the specific risks addressed are fully defined, described, and analyzed.

Chapter 5: Securing the Domain Infrastructure

Determining the criteria on which to base decisions that impact the organization at a domain level is the focus of this chapter. It gives a high-level overview of the Microsoft® Active Directory® service design, the organizational unit (OU) design, and domain policy. In addition, specific domain policies that are implemented in the fictional customer scenario used in this guide are discussed in detail.

Chapter 6: Hardening the Base Windows 2000 Server

This chapter explains the base settings applied to the member servers in the fictional customer scenario. For example, Group Policy is used to apply as many of the changes to the default Windows 2000 Server configuration as possible. For the member servers in this scenario, the Group Policy settings described are stored in the security template, MSS Baseline.inf. To apply the settings, this template is imported into the Member Server Baseline Policy group policy, which is linked to the Member Server OU.

Chapter 7: Hardening Specific Server Roles

The domain controllers, file servers, network infrastructure servers, and Web servers in any organization require different settings to maximize their security. This chapter shows the steps that should be taken to ensure that the domain controllers and the other primary member server roles are as secure as possible.

Chapter 8: Patch Management

This chapter shows how to ensure that an environment is kept up to date with all necessary W2K security patches, find out about new patches in a timely manner, implement them quickly and reliably, and monitor to ensure that they are deployed consistently.

Chapter 9: Auditing and Intrusion Detection

How to audit an environment to provide the best chance of spotting attacks is the focus of Chapter 9. It also looks at intrusion detection systems—software that is specifically designed to detect behavior that indicates an attack is occurring.

Chapter 10: Responding to Incidents

The best ways to respond to different types of attacks are covered in this chapter. It includes the steps needed to report the incidents effectively and includes a case study to illustrate a typical response to an incident.

Chapter 11: Conclusion

This chapter closes out the solution guide with a brief review of the material.

Using the principles of Microsoft® Security Foundation (MSF) and Microsoft Operations Foundation (MOF), Microsoft has created the Security Risk Management Discipline.
This discipline guides you through the steps to identify the threats and vulnerabilities that exist and to determine which have the greatest potential impact. The information and analysis techniques are provided so that you can reuse them to assess specific security risks to your deployment of Windows 2000 Servers. Detailed recommendations cover specific server roles and the risks and vulnerabilities identified and mitigated, with step-by-step instructions, to ensure a secure deployment. Finally, guidance on Patch Management, Auditing and Intrusion Detection, and Responding to Incidents is detailed.

