Configuring New Security Features
Microsoft Windows XP SP2 adds enhancements that improve the manageability and visibility of key security capabilities in personal computers. These enhancements include the following:
The new Windows Security Center feature tells you the status of three major security components: Windows Firewall, Automatic Updates, and Virus Protection.
Windows Security Center indicates whether key security capabilities are turned on and up to date. Windows Security Center notifies you when updates are required or when you must take additional steps to help make your computer secure.
You can manage Windows Security Center by using Active Directory Group Policy settings. By default, Windows Security Center is turned off in domain environments.
The following sections describe how you can configure Windows XP SP2 and Windows Server 2003 SP1 security features. These features include the new Windows Security Center (Windows XP) and Windows Firewall. The question I've been most frequently asked since the release of SP2 is how to configure these two features.
Security Center Alerts
The Windows Security Center displays alerts in popup balloons when the firewall, the virus scanner, or Automatic Updates is not configured properly or is out of date. You see these alerts in the system tray. You can disable these alerts by using the registry. Table 8-2 describes the REG_DWORD values for each type of alert. You set these values in HKLM\SOFTWARE\Microsoft\Security Center. (Create the key and settings if they don't already exist.) For example, to prevent Windows Security Center from displaying alerts when the Windows Firewall is not enabled (a configuration that Microsoft recommends against), set FirewallDisableNotify to 0x01.
Name | Type | Values |
AntiVirusDisableNotify | REG_DWORD | 0x00–Disable AntiVirus alerts. 0x01–Display AntiVirus alerts. |
AntiVirusOverride | REG_DWORD | 0x00–Windows Security Center monitors AntiVirus. 0x01–Windows Security Center doesn't monitor AntiVirus. |
FirewallDisableNotify | REG_DWORD | 0x00–Disable firewall alerts. 0x01–Display firewall alerts. |
FirewallOverride | REG_DWORD | 0x00–Windows Security Center monitors the firewall. 0x01–Windows Security Center doesn't monitor the firewall. |
UpdatesDisableNotify | REG_DWORD | 0x00–Disable Automatic Update alerts. 0x01–Display Automatic Update alerts. |
Windows Firewall
Windows XP SP2 and Windows Server 2003 SP1 include the new Windows Firewall. Most companies and many enthusiasts will want to customize the Windows Firewall during installation. Microsoft provides three methods of doing so. The best way to manage Windows Firewall settings in a business environment is to use the new Windows Firewall Group Policy settings. This method requires the use of Active Directory with either Windows 2000 or Windows Server 2003 domain controllers. For more information, see http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2wgp.mspx.
The following list describes methods that don't require Group Policy:
The unattended-setup answer file (unattend.txt) for Windows XP SP2 has options to configure Windows Firewall settings when running an unattended setup of Windows XP SP2.
The Netfw.inf file for Windows XP SP2 can configure the Windows Firewall by specifying a set of registry settings equivalent to the options available from the Windows Firewall component in Control Panel and through Windows Firewall Group Policy settings when a user is performing an interactive setup of Windows XP SP2.
To configure computers running Windows XP with SP2 after SP2 has been installed, you can have your users run a script file, such as a .BAT or a .CMD file, that contains the series of Netsh.exe commands to configure the Windows Firewall operational mode, allowed programs, allowed ports, etc.
To configure computers running Windows XP with SP2 after Windows XP SP2 has been installed, you can have your users run a custom configuration program that uses the new Windows Firewall configuration APIs to configure the Windows Firewall for operation mode, allowed programs, allowed ports, and other settings.
For more information about using these options, see http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2ngp.mspx.
You can disable Windows Firewall by using the registry. The settings are in HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall. (Create the key and values if they don't already exist.) First, there are two subkeys: DomainProfile and StandardProfile. The settings in DomainProfile apply when the computer is currently connected to the domain. The settings in the StandardProfile apply when the computer isn't currently connected to the domain (a disconnected laptop computer, for example). Within each of those two subkeys, create the value EnableFirewall. Set this value to 0x00 to disable the firewall in that scenario, or set it to 0x01 to enable it.
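As an added example (not from the original text), the following Python audit reads a registry export in .reg text form and reports the EnableFirewall policy state for the DomainProfile and StandardProfile subkeys described above. The sample export is constructed, the function names are hypothetical, and reporting a missing value as "not set" is an assumption.

```python
import re

# Policy key, subkeys and value name as given in the text above.
POLICY_ROOT = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall"
PROFILES = ("DomainProfile", "StandardProfile")
STATES = {0: "disabled", 1: "enabled"}

KEY_RE = re.compile(r"^\[([^\]]+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{1,8})$')

# Constructed sample export (not taken from a real machine).
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=dword:00000000
"""

def parse_reg_dwords(text):
    """Return {key path: {value name: int}} for every dword in a .reg export."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            # Registry paths and value names are case-insensitive.
            current = keys.setdefault(key.group(1).lower(), {})
            continue
        value = DWORD_RE.match(line)
        if value and current is not None:
            current[value.group(1).lower()] = int(value.group(2), 16)
    return keys

def audit_firewall_policy(text):
    """Map each profile to 'enabled', 'disabled', 'not set' or 'unexpected'."""
    keys = parse_reg_dwords(text)
    report = {}
    for profile in PROFILES:
        values = keys.get((POLICY_ROOT + "\\" + profile).lower(), {})
        if "enablefirewall" not in values:
            report[profile] = "not set"  # assumption: no policy value present
        else:
            report[profile] = STATES.get(values["enablefirewall"], "unexpected")
    return report

if __name__ == "__main__":
    for profile, state in audit_firewall_policy(SAMPLE_EXPORT).items():
        print(f"{profile}: EnableFirewall policy is {state}")
```

In the sample, StandardProfile reports "disabled", which is the case to flag on laptops: the firewall is off whenever the machine is not connected to the domain.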