Chapter 10: Designing Secure Network Management Infrastructure

Overview

A network will need constant maintenance and administration to keep running successfully. You will need to use tools to manage the network, but these tools can put your network at risk for attack. You will be able to locally manage a server by sitting down at the console and keyboard and logging in to the server. But there will be times when this is inconvenient or impossible. For example, you may not have access to the server room where the equipment is housed; you may be required to have access to the system seven days a week, twenty-four hours a day; or your computers may be hosted by a remote company like an ISP or an offsite data center for disaster recovery purposes. You will need to decide whether you will allow remote administration of server and the extent to which you will need to remotely manage the network before you deploy your Windows 2003 Server machines.

In this chapter, you will learn how to decide if you can afford the security risks associated with managing the network and how to manage these risks. You will then need to decide what tools you will use to manage the network and what the risks are with each of these tools. Finally, you will need to consider the need for headless network management through a new feature in Windows 2003 Server called Emergency Management Services, which will let you manage your server even when it is locked up and not responding to normal management tools.