You must provide a secure base to use Internet Information Server (IIS) and participate in the Internet. In this chapter, security refers to providing selective access to documents through Internet Information Server and preventing Internet users from maliciously tampering with your intranet.
This chapter presents:
For information about | See |
Windows NT security | Windows NT Server Concepts and Planning or the Microsoft Windows NT Workstation Resource Kit: Windows NT Workstation Resource Guide |
Windows NT security integration with Internet Information Server | Windows NT Server Microsoft Internet Information Server Installation and Administration Guide online HTML book, Chapter 6, "Securing Your Site Against Intruders" |
Note
The Microsoft Windows NT Administrator's Security Guide gives you the information you need to set up your Windows NT–based system to be eligible for C2-level security certification. Along with general topics on high-security installations for system administrators, the Administrator's Security Guide contains the "Microsoft Report on C2 Evaluation of Windows NT," which describes the evaluation process and gives directions for duplicating the computer systems that were evaluated by the National Computer Security Center (NCSC).
The NCSC evaluated version 3.5 of the Windows NT operating systems, but you will need the information in Administrator's Guide as well as the resource kits for version 4.0 of Windows NT Server and Windows NT Workstation when setting up a system for C2 certification.