Best Practices

Best Practices

• Create a TCP/IP hardening policy.

  Ensure that the TCP/IP stack on your Windows 2000 and Windows XP computers is appropriately secure, based on the threats to it. This is especially true of any computer directly connected to the Internet or in screened subnets.

• Use ICF for mobile and home computers running Windows XP.

  ICF provides an excellent degree of protection for mobile clients and home computers. Be certain to provide training to users on how to enable and disable ICF.

• Use IPSec hardware accelerators when possible.

  By using IPSec hardware accelerators on computers that will have many IPSec sessions at a time, such as servers, you can prevent the computer s CPU performance from being overly taxed.