Windows Server 2003 Security

Description

Security is one of the biggest issues facing Windows administrators. Until now

admins have had to gather information from various online and print sources.

This is the first book to gather into one place in an easy to follow format all the

information available about security on the Windows Server 2003 platform.

While it is written in the form of a reference, the author doesn't just list the

features, however, but gives a plethora of practical implementation tips. It

extends security from single server based best practices to those that can

produce an entire security framework for Windows domains. Roberta Bragg is

one of the best known writers and speakers on the subject, and she uses her

knowledge of what problems professional administrators face every day to fine

tune the content to their needs. She will be promoting this book heavily in her

many articles and speaking engagements.

Back Cover

"Once again, Roberta Bragg proves why she is a leading authority in the security field! It's clear that Roberta has had a great deal of experience in real-world security design and implementation. I'm grateful that this book provides clarity on what is often a baffling subject!"

James I. Conrad, MCSE 2003, Server+, Certified Ethical Hacker
James@accusource.net

"Full of relevant and insightful information. Certain to be a staple reference book for anyone dealing with Windows Server 2003 security. Roberta Bragg's Windows Server 2003 Security is a MUST read for anyone administering Windows Server 2003."

Philip Cox, Consultant, SystemExperts Corporation
phil.cox@systemexperts.com

"Few people in the security world understand and appreciate every aspect of network security like Roberta Bragg. She is as formidable a security mind as I have ever met, and this is augmented by her ability to communicate the concepts clearly, concisely, and with a rapier wit. I have enjoyed working with Roberta more than I have on any of the other 20 some odd books to which I have contributed. She is a giant in the field of network security."

Bob Reinsch
bob.reinsch@fosstraining.com

"Windows Server 2003 Security explains why you should do things and then tells you how to do it! It is a comprehensive guide to Windows security that provides the information you need to secure your systems. Read it and apply the information."

Richard Siddaway, MCSE
rsiddaw@hotmail.com

"Ms. Bragg's latest book is both easy to read and technically accurate. It will be a valuable resource for network administrators and anyone else dealing with Windows Server 2003 security."

Michael VonTungeln, MCSE, CTT
mvontung@yahoo.com

"I subscribe to a number of newsletters that Roberta Bragg writes and I have 'always' found her writing to be perfectly focused on issues I 'need' to know in my workplace when dealing with my users. Her concise writing style and simple solutions bring me back to her columns time after time. When I heard she had written a guide on Windows 2003 security, I 'had' to have it.

Following her guidance on deployment, her advice on avoiding common pitfalls, and her easy to follow guidelines on how to lock down my network and user environments (those darned users!) has me (and my clients) much more comfortable with our Win2k3 Server deployments. From AD to GPO's to EFS, this book covers it all."

Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra Vista
AZrob.laposta@cox.net

"Roberta Bragg has developed a 'must have' manual for administrators who manage Microsoft Windows 2003 servers in their organizations. The best practices for strengthening security controls are well organized with practical examples shared throughout the book. If you work with Windows 2003, you need this great resource."

Harry L. Waldron, CPCU, CCP, AAI, Microsoft MVP - Windows Security Information Technology Consultant
harrywaldronmvp@yahoo.com

"Roberta Bragg's Windows Server 2003 Security offers more than just lucid coverage of how things work, but also offers sound advice on how to make them work better."

Chris Quirk; MVP Windows shell/user
cquirke@mvps.org

"This book is an invaluable resource for anyone concerned about the security of Windows Server 2003. Despite the amount and complexity of the material presented, Roberta delivers very readable and clear coverage on most of the security-related aspects of Microsoft's flagship operative system. Highly recommended reading!"

Valery Pryamikov, Security MVP, Harper Security Consulting
valery.pryamikov@harper.no

"As long as you have something to do with Windows 2003, I have four words for you: 'Order your copy now.'"

Bernard Cheah, Microsoft IIS MVP, Infra Architect, Intel Corp.
bernard@mvps.org

If you're a working Windows administrator, security is your #1 challenge. Now there's a single-source reference you can rely on for authoritative, independent help with every Windows Server security feature, tool, and option: Windows Server 2003 Security

Renowned Windows security expert Roberta Bragg has brought together information that was formerly scattered through dozens of books and hundreds of online sources. She goes beyond facts and procedures, sharing powerful insights drawn from decades in IT administration and security. You'll find expert implementation tips and realistic best practices for every Windows environment, from workgroup servers to global domain architectures. Learn how to:

• Reflect the core principles of information security throughout your plans and processes

• Establish effective authentication and passwords

• Restrict access to servers, application software, and data

• Make the most of the Encrypting File System (EFS)

• Use Active Directory's security features and secure Active Directory itself

• Develop, implement, and troubleshoot group policies

• Deploy a secure Public Key Infrastructure (PKI)

• Secure remote access using VPNs via IPSec, SSL, SMB signing,

• LDAP signing, and more

• Audit and monitor your systems, detect intrusions, and respond appropriately

• Maintain security and protect business continuity on an ongoing basis

"Roberta Bragg has developed a 'must have' manual for administrators who manage Microsoft Windows 2003 servers in their organizations. The best practices for strengthening security controls are well organized, with practical examples shared throughout the book. If you work with Windows 2003, you need this great resource."

Harry L. Waldron
CPCU, CCP, AAI Microsoft MVP—Windows Security Information Technology Consultant

© Copyright Pearson Education. All rights reserved.

Contents

Front Matter.

Preface.

I. SECURITY BASICS.

1. Principles of Information Security.

II. SECURING THE SERVER ITSELF.

2. Authentication. Proof of Identity.

3. Authorization—Limiting System Access and Controlling User Behavior.

4. Restricting Access to Software; Restricting Software’s Access to Resources.

5. Controlling Access to Data.

6. EFS Basics.

III. SECURING DOMAIN SERVICES.

7. Active Directory’s Role in Domain Security.

8. Trust.

9. Troubleshooting Group Policy.

10. Securing Active Directory.

11. Securing Infrastructure Roles.

IV. PUBLIC KEY INFRASTRUCTURE.

12. PKI Basics.

13. Implementing a Secure PKI.

V. SECURING THE VIRTUAL NETWORK.

14. Securing Remote Access.

15. Protecting Data in Flight.

VI. MAINTENANCE AND RECOVERY.

16. Maintenance Strategies and Administrative Practices.

17. Basics of Data Backup and Restore.

VII. MONITORING AND AUDIT.

18. Auditing.

19. Monitoring and Assessment.

Index.

Features

Finally there is a comprehensive, practical guide to Windows Server 2003 security!

° Roberta Bragg is one of the most widely recognized and respected names in the Windows security field

° Security is the most urgent concern of most Windows administrators

° Provides deep technical details on Windows security systems, including how they work and how to correctly configure them for maximum protection

° Will appeal to admins of all levels

Author

Roberta Bragg, MCSE, CISSP, and Microsoft MVP, is one of the world's most respected Windows security consultants, columnists, and speakers. She has served as the security advisor for Redmond Magazine (formerly MCP Magazine), and as a feature columnist for the weekly Security Watch e-newsletter. Her books include Hardening Windows Systems (McGraw-Hill Osborne Media, 2004); MCSE Training Guide (70-220): Windows 2000 Network Security Design, Second Edition (Que, 2002); and Windows 2000 Security (New Riders Publishing, 2000). Bragg runs her own company, Have Computer Will Travel. She lives in Kansas City, MO.

© Copyright Pearson Education. All rights reserved.