Internet Explorer Enhanced Security Configuration for Servers


It goes without saying that the Internet Explorer (IE) browser complements the capabilities of IIS. These feature sets, and the system it runs on, however, are what needs to be protected. As part of Microsoft's security initiative, IE on the Windows Server 2003 platforms are now more secure.

The IE Enhanced Security Configuration is set on all server-based Windows Server 2003 editions. The first screen you notice after starting IE is an informational page about the security configuration as shown in Figure 11.20.

Figure 11.20. The IE Enhanced Security Configuration default page.


IE Enhanced Security Configuration protects the system by using IE's security zones. The Internet zone is set to high, trusted zones are set to medium-level security, and any local intranet zone remains at a medium-low setting. These settings restrict which Web sites can be browsed. When trying to visit a non-trusted site, a window pops up warning you that the Web site is not on the trusted list of sites (see Figure 11.21). However, you can grant access to any site by adding the site to the list of trusted sites. To add the site from the window illustrated in Figure 11.21, click the Add button. You will be prompted to then add the URL to the list of trusted sites. Alternatively, you can also add sites manually from a list, apply them to specific users or groups of users, or lower the security zone settings within IE's options.

Figure 11.21. Security zone warning window.


Although the warning pop-up windows can get annoying, it does help serve the purpose of protecting the server system. As Microsoft states in the IE Enhanced Security Configuration documentation, it is important to keep Web browsing on a server system to a minimum and when you do visit Web sites be sure that they can be trusted. Using IE on servers to visit Web sites should be used to obtain information for troubleshooting, downloading the latest update, and the like.




Microsoft Windows Server 2003 Unleashed(c) R2 Edition
Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
EAN: 2147483647
Year: 2006
Pages: 499

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net