Security

Building a secure network operating system is not an easy task. Security features must be built into every component of the system; and like a chain, the network is only as secure as its weakest link. Security issues you need to consider when building a secure system environment include user account storage, user authentication, file system access, memory-management integrity, environment subsystems control, and the like. The main goal of network security is to protect all of these components from unauthorized access. Many hackers have a mission of gaining unauthorized access. I’m not sure whether they are bored, greedy, or just mean—or all three—but this is the way things are. You establish security by locking components to make unauthorized access difficult. Unfortunately, such a step can also cause authorized access to be difficult. The industry has to be vigilant about staying a step ahead of hackers. A well-planned and well- implemented computer security plan can help make authorized computer use easy and make unauthorized use, intentional or accidental damage, and theft of information difficult or impossible. For more information on computer security, see:

http://www.radium.ncsc.mil/tpep/

Stay ahead of hackers.

WinFrame gives you new tools for limiting access to applications, system tools, and resources. The base of Windows NT Server provides the following security measures:

WinFrame relies on Windows NT security.

• C2-level security
  
  
• Multilevel passwords and privileges
  
  
• Roving callbacks
  
  
• Encrypted login and data
  
  
• File-level security to protect data privacy
  
  
• Network resource integrity

WinFrame goes even further by adding the following features:

WinFrame also adds tools for security.

• Utilities to lock down files and directories to prevent unauthorized access
  
  
• Security auditing utilities that report potential file and directory security exposures and give a detailed report of logon/logoff activity, both successful and unsuccessful
  
  
• Detailed procedures for securing trust relationships, services, and network bindings
  
  
• Utilities that allow users to execute only applications that appear on a list of approved applications
  
  
• An application execution shell that creates a secure standardized execution environment for applications
  
  
• RSA RC5 encryption of ICA data using the Citrix Secure ICA Encryption Pack

For more information on C2 security, consult:

http://www.microsoft.com/security/