Chapter 2: Advanced Security Template and Group Policy Issues

Introduction

You might be tempted to think that after you've deployed your security solution via Group Policy or by using a template, your work is done. Unfortunately, this is not the case. The ground that we covered in Chapter 1 was just the groundwork for much more material to come in this book.

After you've configured a baseline security solution for your network, you might want to go back and take a hard look at the specific roles that each server performs. Different server functions require different security solutions, and in this chapter we take a look at some of the most common server implementations that you can expect to find in your network. You will, of course, want to take the same sort of precautions with your client computers, desktops and portables alike. We will examine the security issues inherent in each of these client computers and what you can do to make them as secure as possible.

After looking at some of the advanced security measures we have at our disposal to create secure servers and clients, we need to address some additional topics associated with using security templates. It's quite possible that you will encounter some problems when attempting to apply a security template to your computers, so we will examine some troubleshooting issues associated with security template deployments. Difficulty in deploying security templates are usually traced to one of two common problems: upgrade installations or legacy clients. We will examine both of these issues in some detail in this chapter. Additionally, we examine the tools with which you can perform troubleshooting of security template deployment.

In the last portion of this chapter, we shift gears somewhat and look at configuring Server Message Block (SMB) traffic for security. Administrators often fail to perform this relatively simple action—more often than not due to lack of knowledge. Configuring for secure SMB communications can help prevent the impersonation of clients and servers, but it has some disadvantages associated with it as well. In this chapter we examine the process and the particulars associated with securing SMB traffic on your network.



MCSE. MCSA Implementing & Administering Security in a Windows 2000 Network Study Guide Exam 70-214
MCSE/MCSA Implementing and Administering Security in a Windows 2000 Network: Study Guide and DVD Training System (Exam 70-214)
ISBN: 1931836841
EAN: 2147483647
Year: 2003
Pages: 162

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net