Security

Defending Against Malicious Attacks

The need to safeguard corporate data is great, and while most Web users are benign, many are not. This section addresses some of the low-level security settings required in a Windows 2000 Server and IIS 5.0 environment.

To secure any computer system such as Windows requires a good deal of underlying system knowledge, as well as knowledge of the latest security fixes.

Historically, securing a Windows server has required setting security options in many areas, such as:

• The file system
• The registry
• Networking protocols
• Application settings
• User and group accounts
• Account policies
• System services

Setting all these policies by hand is both tedious and error-prone. Windows 2000 Server includes a tool called Security Configuration and Analysis in order to alleviate this problem. Its primary goal is to provide a single point of administration for Windows system security.

Security Configuration and Analysis allows an administrator to:

• Define one or more security policies based on the role of the computer.
• Configure a server to match a security policy.
• Audit against an existing policy and report differences.

See the following:

• Using the Security Templates

© 1997-1999 Microsoft Corporation. All rights reserved.